Asking a user for the root password and executing root only commands...
Bengt Richter
bokr at oz.net
Wed Oct 30 15:45:47 EST 2002
On Wed, 30 Oct 2002 18:54:06 GMT, Axel Vandevenne <axel at vandevenne.net> wrote:
>Stuart D. Gathman wrote:
>
>> On Wed, 30 Oct 2002 09:55:03 -0500, Andrew Koenig wrote:
>>
>>> Axel> They should get a nice qt windows asking for the root password,
>>> Axel> which will then check if that's the correct password by probably
>>> Axel> su'ing?
>>>
>>> Don't do this. If it is successful, it will tend to condition users to
>>> believe that it is acceptable to supply the root password to a program
>>> that is not su or sudo. That belief is dangerous, because it makes
>>> users more vulnerable to social engineering.
>>
>> I second this. Think about it. I can send you a python worm that pops up
>> a window, asks for root password, then uses the 'pty' module and 'su' to
>> run any code I desire as root - python or otherwise. Any non-root code
>> with the root password is effectively root code.
>>
>
>I see your point, but you can do this in e.g. kcontrol too, which is used a LOT
>more than my program will ever be, and my program is for gentoo linux only
>- if you are so naive to give your root password to any program, you'd
>probably be using windows or mandrake kind of distros...
>
>>What about delegating this task to sudo or kdesu (if KDE is installed)?
>As I stated, I don't want them to have to configure sudo...
>Kdesu seems nice though, but it has the disadvantage that you have to have
>kde installed...
>
>Any other methods, or comments?
>Do more people think it should be started as root (even though kde uses this
>system to ask for a root password)?
Switching security/access privileges should really require a guaranteed secure
connection to a trusted program. To guarantee that, there has to be a signal
that no userland program can intercept, like Ctrl-Alt-Del on a typical PC.
Out of the box my NT handles that better than my OOTB Linux, which was default
configured to shut down. I haven't played with that much. Is there a way to
start up a login on Ctrl-Alt-Del (probably meaning take over the video and go
into text mode)?
I guess this is a bit OT...
Regards,
Bengt Richter
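The alternative the thread recommends (let su/sudo do the authentication and never let the application see the root password) can be sketched as follows. This is an added example, not code from anyone in the thread: it delegates to whichever of sudo or doas is installed, passes the command as an argv list (no shell), and uses the `--` terminator so that nothing in the caller's arguments can be parsed as an option of the helper. The helper list and the sample `emerge --sync` command are assumptions for illustration.

```python
"""Run a command as root by delegating to sudo/doas rather than collecting
the root password inside the application.

Added illustration for this thread; helper names and sample commands are
assumptions, not anything the posters wrote.
"""
import os
import shutil
import subprocess
from typing import List, Optional, Sequence

# Privilege-escalation helpers that prompt and authenticate on their own.
# The calling program only hands them an argv; it never touches a password.
# Order is preference order (assumed).
ESCALATION_HELPERS = ("sudo", "doas")


def find_helper(candidates: Sequence[str] = ESCALATION_HELPERS) -> Optional[str]:
    """Return the absolute path of the first helper found on PATH, or None."""
    for name in candidates:
        path = shutil.which(name)
        if path:
            return path
    return None


def build_escalation_command(argv: Sequence[str], helper: str) -> List[str]:
    """Build the argv that asks `helper` to run `argv` as root.

    The '--' terminator ends option parsing in sudo/doas, so a caller-supplied
    argument such as '-u' or '-E' cannot be mistaken for a helper option.
    No shell is involved, so there is nothing to quote or inject into.
    """
    if not argv:
        raise ValueError("no command given")
    for arg in argv:
        if not isinstance(arg, str):
            raise TypeError("argv must contain only str")
        if "\0" in arg:
            raise ValueError("NUL byte in argument")
    return [helper, "--", *argv]


def run_as_root(argv: Sequence[str], helper: Optional[str] = None,
                check: bool = True) -> subprocess.CompletedProcess:
    """Execute argv with root privileges.

    If we already are root, run the command directly; otherwise delegate to
    an escalation helper, which performs its own password prompt (on its own
    tty, or via SUDO_ASKPASS for sudo) and applies its own policy.
    """
    if os.geteuid() == 0:
        cmd = list(argv)
    else:
        helper = helper or find_helper()
        if helper is None:
            raise RuntimeError(
                "no sudo/doas available: start the program as root "
                "or install/configure an escalation helper")
        cmd = build_escalation_command(argv, helper)
    # shell=False (the default): the list is passed to execve verbatim.
    return subprocess.run(cmd, check=check)


if __name__ == "__main__":
    # Constructed sample invocation; requires a configured sudo/doas to succeed.
    run_as_root(["emerge", "--sync"])
```

If the program has no controlling terminal (the Qt case in the thread), sudo's `-A` option together with the `SUDO_ASKPASS` environment variable makes sudo itself launch a graphical prompt; the password still flows only between the askpass program and sudo, never through the application.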