Re: Vote for new Ubuntu Feature---Let's try it again --- and without getting all religious about it

Derek Broughton wrote:

Sorry, hit the send button a little too quick. A continuation...


Jeffrey F. Bloss wrote:
This is a completely different thing than Gedit elevating it's own
permissions so it can save a file.

And neither of us suggested it should - his suggestion was that gedit
should run sudo to cp a temp file, and if that wasn't clear enough I
_specifically_ said that.

And I already specifically addressed this by stating that this is not
something third party software authors should be doing. If you want
this functionality code it yourself. It's trivial with the right
editor. If you don't know how to cobble something together to get the
job done then you probably shouldn't be messing around trying to
"streamline" necessary security measures in the first place.

Why shouldn't third parties do this? A number of reasons. Because your
system may have a sudo and mine not. Because your shell may be
different than mine. Because it's a *severe* security risk if an
admin happens to adjust sudoers away from it's defaults. Because no
vendor can know everything or account for every scenario. It's a highly
individual thing that only competent admins with a full understanding
of how their solution will impact their system should be doing, if in
fact you assume there's any valid reason anyone should be doing it at
all.


You can do that yourself with a script. Or manually. There's no need
for any software authors to be involved,

Of course you can, and of course there's not - which is why your
reaction is completely out of line with the reality of the situation.

Adhering to time tested protocols, and suggesting users employ
common sense and a modicum of forethought is "out of line" these days?
Pointing out the fact that giving random software authors a hand in the
authentication process is a bad thing, is "unrealistic"?

We have very different definitions of "line" and "real". :)

Here's a gut check. Feel free to accept because it will never happen
but maybe it will get the gears turning. I have an open source text
editor I've been toying with as part of a much larger project. Pretty
familiar with the code at this point. I'll package you up a "special"
copy with some sudo enhancements so you can open a file as Derek, and
save it as God with a password. You''ll just have to trust me when I
say with my fingers crossed that nothing funny will happen. It will
just save the file. Honest. <evil grin>

Nobody has yet explained to me what the problem is with simply using
your brain for something besides keeping your skull from caving in,

Hey, I've got no problem with the system as-is, but you just went off
the deep end with a reasonable (if unworkable) suggestion from
Chanchao.

No, deep end would have been hurling invectives in the general
direction of people's family members for raising them to be so mentally
stunted they're hypnotized by GUIs. :)

Granted, "castrated" might be a little graphic for a single case
scenario, but it certainly isn't if we were to start accepting third
party mucking around like this as a acceptable routine.

here's a free clue that might help stave off the ruination of
Linux. ;) If it doesn't reside in your $HOME you probably don't
have permission to change it...

Except that that's less and less true. Probably 90% of the people
reading this list have full sudo rights on their machine. They may

Yes, that is exactly what I'm saying. As $USER you lack that
permission. With a sudo you briefly achieve it. And su gives it to you
on a more durable level. They both require, and *should* require, a
minimum of forethought.

have 2 or 3 other people using the machine who don't have those
rights, but the folks reading this list are the godlike ones :-)
Again, a better way of putting it is probably that if it doesn't
exist in your $HOME, you want to think twice about changing it.

If you're typing 'sudo <somecommand>' you've *ALREADY* considered it.

That's the whole point. :)

--
_?_ Outside of a dog, a book is a man's best friend.
(o o) Inside of a dog, it's too dark to read.
-oOO-(_)--OOo-------------------------------[ Groucho Marx ]--
grok! Registered Linux user #402208

Attachment: signature.asc
Description: PGP signature

--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

Relevant Pages

  • Re: SUID permission on Bash script
    ... shutdown my machine without root permisions, ... As far as i know, using SUID, script must runs with root ... so i shoudnt get "Permission denied", ... can install `sudo' and give permission to the specific user to run: ...
    (freebsd-questions)
  • Re: Home Folder - Users Shared Folders Issues
    ... I'm glad to hear that you will follow our suggestion. ... single user to sharing, you need to add every user's permission, and choose ... This newsgroup only focuses on SBS technical issues. ... you may want to contact Microsoft CSS directly. ...
    (microsoft.public.windows.server.sbs)
  • Re: creating a user with only read permissions on all files
    ... Perhaps the best thing to do is to use sudo, ... can do commands like ls and more with root permission. ... Shared Hosting, Reseller Hosting, Dedicated & Semi-Dedicated servers ...
    (comp.os.linux.misc)
  • Re: creating a user with only read permissions on all files
    ... Perhaps the best thing to do is to use sudo, ... do commands like ls and more with root permission. ... Shared Hosting, Reseller Hosting, Dedicated & Semi-Dedicated servers ...
    (comp.os.linux.misc)
  • Permission denied when tweaking various /proc knobs (Lenny)
    ... but I get permission denied if I do it via sudo -- I have to su to root ... in order to do the adjustments. ... useful in determining why I can't do this using sudo. ...
    (Debian-User)