On 2018-11-05 21:40, Dale wrote:
Philip Webb wrote:
181105 Dale wrote:
Currently I'm using Krusader. It works as root,
so I can edit files in /etc, /root and such.
I can recommend Krusader to any KDE user.
I do most file management from CLI, but sometimes need heavy lifting.
If anyone tries it, they should look into its many features :
there's a PDF help doc available.
That's my thinking as well. It is different from Konqueror but it does
the job pretty well and seems to be pretty light and fast. The biggest
thing, it allows running as root.
I've been really busy recently. My Mom was in the hospital for several
weeks, that's a long time here. After that, she was in a nursing home
trying to get her strength back and had a few set backs while there.
She comes home tomorrow and is in better shape than she was over a year
ago. Maybe even a couple years ago. That has kept me busy and pretty
much wore out at times. I have health issues of my own. So, I haven't
been able to really dig deep into Krusader as yet. Basically, I got it
to where I can edit files in /etc and /root and pretty much left it as
is. The one thing I'd like to change, being able to click/double click
on a file and it open. That's how Dolphin and the old Konqueror was
set
up. As it is, you have to hit F4 to edit which opens Kwrite/Kate
depending on settings for text files. I also wish it wouldn't separate
the file name and the extension. I prefer them to be together. Heck,
I
might use Krusader as a regular user if I could get that last one
configured right. ;-)
I really do need to research that more. Do you have a link to that
pdf? I'm on version 2.7.1. but any recent version would be nice.
Thanks.
Dale
:-) :-)
I've been reading through this discussion and seen several references to
"run as root". As I've been guilty of doing that myself for a while (and
not realizing it was actually actively prevented since some time), I
decided to look into the reasoning why it's not possible anymore.
Apparently, it wasn't taken lightheartedly. The reasoning behind it was
that the terminal (which also has root now) can be activated and used by
injecting keystrokes (through XTest). Whether that's a concern of the
end user is up for them to decide (if you don't allow any external party
to access your system by not allowing ssh etc. you'd basically be
perfectly safe), but it's an interesting backdoor. However, KDE also
planned to bring in a more fine-grained approach by allowing KIO to use
PolicyKit to allow editing of restricted files. This would mean that
Dolphin, KWrite and Kate all get their "root" back, but in the form of a
"you require elevated rights to do this, please specify your password"
which can be protected better.
Then again, this raises the issue of whether PolicyKit is such a great
feature. I've been having problems with that myself as it can and will
be DoS'd when it gets too many requests (had a rogue libvirt client
which did several requests all of which needed to go through PolicyKit
to verify access). While the failure mode is safe, it will block any
attempt at authorizing, it's a big nuisance because other things may
depend on it.
Lastly, Qt also advises against being used under root due to the sheer
scope of the project which would mean that even krusader might not be
totally safe.
I wanted to share this for those that read this discussion to reiterate
the implications allowing root, and allowing it in these GUI
applications. Of course, if it works for you and you don't see any risk,
by any means go for it. But also keep in mind that there are apparently
fair reasons behind this change. That said, I also started to look into
krusader and I might use it more.
Greetings,
Daniel Sonck
