Re: Vote for new Ubuntu Feature---Let's try it again --- and without getting all religious about it

Jeffrey F. Bloss wrote:

Derek Broughton wrote:

Jeffrey F. Bloss wrote:

Chanchao wrote:

All the man says is that at this point he prefers not to have to
save this file somewhere where he can save it, exit the
application, use gksudo to open it again, re-apply the changes,
save again.
...
access rights after entering the sudo password: great. Or if a
script is called that saves the file as a temp file, closes the
application and re-opens it again after authenticating as
administrator: Just as great.

That's all. No Unix-security-blasphemy takes place.

Nonsense. You're suggesting that every application be allowed to
determine who is and is not permitted to act as an administrator
independent of the OS. That's not blasphemy, it's castration. You're
asking that the entire Linux/Unix authentication mechanism be
undermined.

Don't be silly - applications _do_ do this, and as Chanchao says it
isn't Unix blasphemy.

Yes, and if you read back through the thread I thought I'd made this
clear when I stated quite plainly that there's two avenues of attack to
this "problem"... either neutering the Linux/Unix security model, or
convincing every Tom, ***, And Harry software author to rewrite their
wares in a compliant and *secure* way. Like I said, it's not gonna
happen in our lifetime or likely any other.

But right here, Chanchao just asked for it to be done on a per-application
basis, and you told him that he was castrating the unix security model.
His suggestion most certainly does not.

That said, even if the "Tom/***/Harry" solution were logistically
feasible it's a monster of a security nightmare in itself. Do *you*
trust any and every software author on the planet to properly implement
the authentication and execution of administrative rights,

Again, you don't have to. If, in the particular example Chanchao used, the
file was written to a temp file, then copied to the original location,
gedit would need to invoke "sudo cp". The user would have to _have_ sudo
rights - at least to cp. If the user does, then where is this any more of
a security nightmare than the current system.

I don't think Gedit needs, or should be allowed to do anything like
this. There's already several perfectly functional ways to give Gedit
the privilege it needs to do what the OP wants. Users need to learn to
use them, not suggest the reinventing of a broken wheel.

If the wheel's broken, it should certainly be redesigned. I don't think it
is, but lets argue about it on its merits rather than dismissing ostensibly
reasonable suggestions as emasculation.
--
derek


--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users