Date: Sun, 12 Jul 1998 16:35:48 +1200 (NZST) From: Andrew McNaughton <andrew@squiz.co.nz> To: "Kent S. Gordon" <kgor@ksg.com> Cc: jehamby@manta.jpl.nasa.gov, 026809r@dragon.acadiau.ca, security@FreeBSD.ORG Subject: Re: RootRunner (admin GUI w/o security holes?) Message-ID: <Pine.BSF.3.96.980712163039.11489A-100000@aniwa.sky> In-Reply-To: <199807120035.TAA10008@soccer.ksg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 11 Jul 1998, Kent S. Gordon wrote: > Date: Sat, 11 Jul 1998 19:35:38 -0500 (CDT) > From: "Kent S. Gordon" <kgor@ksg.com> > To: jehamby@manta.jpl.nasa.gov > Cc: 026809r@dragon.acadiau.ca, security@FreeBSD.ORG > Subject: Re: RootRunner (admin GUI w/o security holes?) > > >>>>> "jehamby" == Jake Hamby <jehamby@manta.jpl.nasa.gov> writes: > > > On Fri, 10 Jul 1998, Michael Richards wrote: > >> Why not just use ssh to forward your root x connections via an > >> encrypted connection. All of your problems go away. You are > >> even secure from network sniffers because the entire data > >> stream is encrypted. > > > Well, I definitely want to support ssh to allow secure remote > > administration (where it would replace su or sudo in the scheme > > I described), but I'm really loath to run any part of the GUI as > > uid 0, if it's at all possible to avoid. While it's probably > > not a security hole, per se, my biggest problem is the one I > > already mentioned of how to start the program from the "start > > menu" of your favorite windowmanager, without having to pop up > > an ugly xterm window to ask for the root password. > > You could always create an no password entry in sudo for these cases > or a special suid binary that invokes the program. I have used no > password entry in sudo for this in the past. > > > -Jake That gives finer control over access, but otherwise I don't think it's much different from suid. I suspect the only way to get a uid = 0 backend and a uid != 0 frontend is to run them as separate processes with some sort of communication channel. Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980712163039.11489A-100000>