> No, xdg-su is no longer part of xdg-utils. > Do you know reason for this?
> I have not used the xdg-su script for privilege escalation, but a quick > (and I mean quick!) look through it at it stands is not going to be a > great success. > Privilege escalation means exploitation, not use of intentionally implemented feature to gain higher privileges. http://en.wikipedia.org/wiki/Privilege_escalation The fact is, there isn't and one of the major reasons is the old ongoing > su/sudo argument and how certain distros implement their own policies > regarding this. (I don't intend on pursuing that argument further here) > Is there some desktop distro without graphical sudo!? > GKSU/GKSUDO > Pro: Easy to use, can handle complex command strings*, easy to configure > the authorisation gui to suit > Con: There are some security issues, the major one to me is that it > escalates the current user's privilege, not the current process. Not true if you use gksudo or gksu with -c. Even more of an issue is that the escalation actually remains in force for a > period of time after the gksu command is finished. > It is applied only if next commands are used also with sudo/etc. Also this time is fully configurable, and if you want you can force it to stop immediately with "sudo -k". * a complex command string being something like > 'cd /home/blah/blah;echo pwd; make install; echo "Success!"' > I think you mean 'cd /home/blah/blah;echo pwd; make install && echo "Success!"'. ;) Jussi ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Gambas-user mailing list Gambas-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/gambas-user
