From owner-freebsd-security Fri Jul 10 16:53:58 1998
Return-Path:
Received: (from majordom@localhost)
	by hub.freebsd.org (8.8.8/8.8.8) id QAA16826
	for freebsd-security-outgoing; Fri, 10 Jul 1998 16:53:58 -0700 (PDT)
	(envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from seaworld.jpl.nasa.gov (seaworld.jpl.nasa.gov [137.78.96.30])
	by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA16803
	for ; Fri, 10 Jul 1998 16:53:46 -0700 (PDT)
	(envelope-from jehamby@manta.jpl.nasa.gov)
Received: from manta.jpl.nasa.gov by seaworld.jpl.nasa.gov via SMTP (980427.SGI.8.8.8/940406.SGI)
	id QAA18136; Fri, 10 Jul 1998 16:53:45 -0700 (PDT)
Received: from localhost by manta.jpl.nasa.gov (SMI-8.6/SMI-SVR4)
	id QAA03973; Fri, 10 Jul 1998 16:53:44 -0700
Date: Fri, 10 Jul 1998 16:53:44 -0700 (PDT)
From: Jake Hamby
X-Sender: jehamby@manta
To: Michael Richards <026809r@dragon.acadiau.ca>
cc: security@FreeBSD.ORG
Subject: Re: RootRunner (admin GUI w/o security holes?)
In-Reply-To: <199807102336.UAA08298@dragon.acadiau.ca>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, 10 Jul 1998, Michael Richards wrote:

> Why not just use ssh to forward your root x connections via an encrypted
> connection? All of your problems go away. You are even secure from network
> sniffers because the entire data stream is encrypted.

Well, I definitely want to support ssh to allow secure remote administration (where it would replace su or sudo in the scheme I described), but I'm really loath to run any part of the GUI as uid 0, if it's at all possible to avoid. While it's probably not a security hole, per se, my biggest problem is the one I already mentioned of how to start the program from the "start menu" of your favorite window manager, without having to pop up an ugly xterm window to ask for the root password.
-Jake