On Mon, Jun 14, 2010 at 08:49:21AM +0300, Elazar Leibovich wrote: > When using my Ubuntu I used to make the following pattern, whenever an > update symbol showed up in the "taskbar" above (in gnome it's the upper > panel), I clicked on it, entered my password to sudo up the privileges of > the update process, and installed the needed packages to the machine. > > Then I thought, wait a mintue, this is happening all too often! The only > security signature I trust here is the shape of the symbol on the taskbar! A > malicious program can immitate the update GUI, and lure me to leverage its > permissions very easily. > > It can't be that bad, I thought, I can probably only sudo a known program. > Alas, in the latest version of Ubuntu the sudoers file says > > %admin ALL=(ALL) ALL > > and the default user is indeed in the admin group. > > Is that really a problem (I'm probably not the only one who noticed it)? Is > it like that in other distributions? > > In Windows when you're asked to leverage a permission of a program, it shows > you the digital signature of the executable asking for privileges (or at > least that's how it looks like in the dialog), which is not a very good > solution IMHO, but it's at least better than nothing.
If you're not happy with the simplicity of su, look into the extra complexity of the various [A-Z][a-z]+Kit-s. Specifically in this case the combination of ConsoleKit and PackageKit. Pros: easier to define more fine-grained policies. Cons: more points of failure. More difficult to understand[1]. /me just runs aptitude as root from a terminal. [1] See e.g.: http://lwn.net/Articles/362986/ -- Tzafrir Cohen | tzaf...@jabber.org | VIM is http://tzafrir.org.il | | a Mutt's tzaf...@cohens.org.il | | best tzaf...@debian.org | | friend _______________________________________________ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il