Re: Authorization without permanent setuid on helper
Re: Authorization without permanent setuid on helper
- Subject: Re: Authorization without permanent setuid on helper
- From: Finlay Dobbie <email@hidden>
- Date: Sat, 22 Jan 2005 01:11:56 +0000
On Fri, 21 Jan 2005 16:41:24 -0800, John Davidorff Pell
<email@hidden> wrote:
> I very much do not like this. Personally, I would prefer to be prompted
> every time that a root operation is performed. I go out of my way to
> remove setuid binaries from my system. I think they are inappropriate.
> If a user should be allowed to perform an operation, then they should
> have permission to do so. They should not circumvent the permissions
> model by using a setuid binary.
You'd like to be prompted to authenticate to get a process list? To
change your network preferences? To change your date/time? Wow, you
must like pain, and I have to say I'm in favour of getting stuff done
rather than pointless bureaucracy :-)
The fundamental problem here is that the UNIX security model is
outdated and inflexible. Some things require root privs when they're
relatively innocuous. It's for developers to make informed and
educated decisions as to how to expose this stuff to the user, which
is sometimes not easy. While I certainly don't trust every random
developer on the platform, I don't see any viable alternative.
-- Finlay
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden