> OK, so what are the risks under Wayland?
>
...
>
> Since the security is improved under Wayland, are non-elevated applications
> still able to eavesdrop or falsify input/output of elevated applications?
> The opposite direction is not that important, I think, because if you run
> something as
On 11/18/2015 06:49 PM, Adam Jackson wrote:
> On Tue, 2015-11-17 at 17:30 +, Andrew Haley wrote:
>> On 11/02/2015 03:05 PM, Adam Jackson wrote:
>>> But, why take the risk exposure, when you could simply not?
>>
>> How else would I edit root-owned files? I don't get it. I mean,
>> I guess I
On 19 November 2015 at 03:18, Matthew Miller wrote:
> On Wed, Nov 18, 2015 at 03:09:34PM -0500, Adam Jackson wrote:
>> To the bug in question: probably we should make it so 'sudo gedit' does
>> work, but I'd still strongly discourage anyone from actually doing so.
>
>
On 19 November 2015 at 15:31, Adam Jackson wrote:
> On Wed, 2015-11-18 at 21:45 +, Ian Malone wrote:
>
>> Not really getting this. For any configuration task where you replace
>> editing a root owned text file with access through some authorised
>> gui, that gui is still
On Wed, 2015-11-18 at 21:45 +, Ian Malone wrote:
> Not really getting this. For any configuration task where you replace
> editing a root owned text file with access through some authorised
> gui, that gui is still vulnerable.
That gui's code, unlike emacs, doesn't allow you to write
On 11/19/2015 12:57 PM, Simon Farnsworth wrote:
> On Thursday 19 Nov 2015 12:48:50 Andrew Haley wrote:
>> On 11/18/2015 06:49 PM, Adam Jackson wrote:
>
>>> Phrased another way: no, it's not *your computer* we're talking about
>>> here. The computer in question rightfully belongs to someone else;
On 11/19/2015 08:31 AM, Reindl Harald wrote:
Am 19.11.2015 um 13:57 schrieb Simon Farnsworth:
Put another way: "sudo emacs /etc/hosts" will break under Wayland
than wayland is currently not useable and ready to replace X11
as user i don't care if the application needs to be fixed or
On 11/19/2015 01:03 PM, Simon Farnsworth wrote:
> "sudo -e /etc/hosts", will ... still work
Hold on, I think I may not be understanding something. If "sudo -e /etc/hosts"
will still work, why won't "sudo emacs /etc/hosts" ?
Andrew.
--
devel mailing list
devel@lists.fedoraproject.org
On Thursday 19 Nov 2015 13:56:32 Andrew Haley wrote:
> On 11/19/2015 01:03 PM, Simon Farnsworth wrote:
> > "sudo -e /etc/hosts", will ... still work
>
> Hold on, I think I may not be understanding something. If "sudo -e
> /etc/hosts" will still work, why won't "sudo emacs /etc/hosts" ?
>
>
On Thursday 19 Nov 2015 12:48:50 Andrew Haley wrote:
> On 11/18/2015 06:49 PM, Adam Jackson wrote:
> > Phrased another way: no, it's not *your computer* we're talking about
> > here. The computer in question rightfully belongs to someone else; we
> > are here discussing how to be responsible for
Am 19.11.2015 um 13:57 schrieb Simon Farnsworth:
Put another way: "sudo emacs /etc/hosts" will break under Wayland
than wayland is currently not useable and ready to replace X11
as user i don't care if the application needs to be fixed or wayland
lacks whatever but given that there are a
On Tue, 2015-11-17 at 17:30 +, Andrew Haley wrote:
> On 11/02/2015 03:05 PM, Adam Jackson wrote:
> > But, why take the risk exposure, when you could simply not?
>
> How else would I edit root-owned files? I don't get it. I mean,
> I guess I could run an editor in a text window, but I don't
On Wed, 2015-11-18 at 11:53 -0800, Andrew Lutomirski wrote:
> I don't understand. If a user who has the right to act as root asks
> to authorize a program to run as root on their behalf, we should grant
> that request. And, once we grant it, we shouldn't be
> passive-aggressive and say "sure
On Wed, Nov 18, 2015 at 10:49 AM, Adam Jackson wrote:
> On Tue, 2015-11-17 at 17:30 +, Andrew Haley wrote:
>> On 11/02/2015 03:05 PM, Adam Jackson wrote:
>> > But, why take the risk exposure, when you could simply not?
>>
>> How else would I edit root-owned files? I don't
On Wed, 2015-11-18 at 15:09 -0500, Adam Jackson wrote:
> On Wed, 2015-11-18 at 11:53 -0800, Andrew Lutomirski wrote:
>
> > I don't understand. If a user who has the right to act as root asks
> > to authorize a program to run as root on their behalf, we should grant
> > that request. And, once
2015-11-18 21:24 GMT+01:00 Adam Williamson :
> On Wed, 2015-11-18 at 15:09 -0500, Adam Jackson wrote:
>> On Wed, 2015-11-18 at 11:53 -0800, Andrew Lutomirski wrote:
>>
>> > I don't understand. If a user who has the right to act as root asks
>> > to authorize a program
On Wed, Nov 18, 2015 at 12:24 PM, Adam Williamson
wrote:
> On Wed, 2015-11-18 at 15:09 -0500, Adam Jackson wrote:
>> On Wed, 2015-11-18 at 11:53 -0800, Andrew Lutomirski wrote:
>>
>> > I don't understand. If a user who has the right to act as root asks
>> > to
> Hi,
>
> > It's certainly the case that *gnome* might do something ridiculous if
> > you 'sudo gedit' something, but 'sudo emacs' really ought to be
> > equally acceptable regardless of whether you're using the terminal or
> > X frontend.
> emacs is probably okay, just by virtue of the fact that
On 18 November 2015 at 20:24, Adam Williamson
wrote:
> On Wed, 2015-11-18 at 15:09 -0500, Adam Jackson wrote:
>> On Wed, 2015-11-18 at 11:53 -0800, Andrew Lutomirski wrote:
>>
>> > I don't understand. If a user who has the right to act as root asks
>> > to authorize a
Am 19.11.2015 um 01:00 schrieb Reindl Harald:
Am 19.11.2015 um 00:57 schrieb Ian Malone:
On 18 November 2015 at 23:38, Reindl Harald
wrote:
Am 18.11.2015 um 19:49 schrieb Adam Jackson:
That's kind of a non sequitur. To a first order, there are zero root-
owned
Am 18.11.2015 um 19:49 schrieb Adam Jackson:
On Tue, 2015-11-17 at 17:30 +, Andrew Haley wrote:
On 11/02/2015 03:05 PM, Adam Jackson wrote:
But, why take the risk exposure, when you could simply not?
How else would I edit root-owned files? I don't get it. I mean,
I guess I could run
On 18 November 2015 at 23:38, Reindl Harald wrote:
>
>
> Am 18.11.2015 um 19:49 schrieb Adam Jackson:
>>
>> On Tue, 2015-11-17 at 17:30 +, Andrew Haley wrote:
>>>
>>> On 11/02/2015 03:05 PM, Adam Jackson wrote:
But, why take the risk exposure, when you could
On 18 November 2015 at 20:09, Adam Jackson wrote:
> On Wed, 2015-11-18 at 11:53 -0800, Andrew Lutomirski wrote:
>
>> I don't understand. If a user who has the right to act as root asks
>> to authorize a program to run as root on their behalf, we should grant
>> that request.
Am 18.11.2015 um 21:09 schrieb Adam Jackson:
On Wed, 2015-11-18 at 11:53 -0800, Andrew Lutomirski wrote:
I don't understand. If a user who has the right to act as root asks
to authorize a program to run as root on their behalf, we should grant
that request. And, once we grant it, we
Am 19.11.2015 um 00:57 schrieb Ian Malone:
On 18 November 2015 at 23:38, Reindl Harald wrote:
Am 18.11.2015 um 19:49 schrieb Adam Jackson:
On Tue, 2015-11-17 at 17:30 +, Andrew Haley wrote:
On 11/02/2015 03:05 PM, Adam Jackson wrote:
But, why take the risk
On Wed, Nov 18, 2015 at 03:09:34PM -0500, Adam Jackson wrote:
> To the bug in question: probably we should make it so 'sudo gedit' does
> work, but I'd still strongly discourage anyone from actually doing so.
Actually, there's a better way. The authors of sudo already considered
this. Set
On 11/02/2015 03:05 PM, Adam Jackson wrote:
> But, why take the risk exposure, when you could simply not?
How else would I edit root-owned files? I don't get it. I mean,
I guess I could run an editor in a text window, but I don't want to
do that.
And I have no idea how to run things like
2015-11-17 20:07 GMT+02:00 Reindl Harald :
> depends on what the application is supposed to do and if you want a global
> setup instead only in the userhome for every user
>
> installing in your userhome has another disadvantage: you are running all
> day long a application
On 17/11/15 18:11, Andrew Haley wrote:
On 11/17/2015 05:55 PM, Joonas Sarajärvi wrote:
My impression is that by default in fedora, virt-manager runs as
non-root. I guess it might ask for the root password in order to
manage the libvirtd that runs as privileged mode, but even in that
case the
On 10/30/2015 10:48 PM, Adam Jackson wrote:
> Anyone running any X (or wayland) application as root in their desktop
> session is completely bonkers and deserves every consequence of their
> poor decision.
Doesn't most proprietary software come with GUI installers?
Florian
--
devel mailing list
Hi,
2015-11-17 19:30 GMT+02:00 Andrew Haley :
> And I have no idea how to run things like virt-manager without root.
My impression is that by default in fedora, virt-manager runs as
non-root. I guess it might ask for the root password in order to
manage the libvirtd that runs as
2015-11-17 19:56 GMT+02:00 Florian Weimer :
> Doesn't most proprietary software come with GUI installers?
No idea if "most" are, but at least I have seen many proprietary
programs that do not require a GUI in installation.
Also in many cases where there is a GUI installer, it
Am 17.11.2015 um 19:04 schrieb Joonas Sarajärvi:
2015-11-17 19:56 GMT+02:00 Florian Weimer :
Doesn't most proprietary software come with GUI installers?
No idea if "most" are, but at least I have seen many proprietary
programs that do not require a GUI in installation.
Am 17.11.2015 um 18:56 schrieb Florian Weimer:
On 10/30/2015 10:48 PM, Adam Jackson wrote:
Anyone running any X (or wayland) application as root in their desktop
session is completely bonkers and deserves every consequence of their
poor decision.
Doesn't most proprietary software come with
On 11/17/2015 05:55 PM, Joonas Sarajärvi wrote:
> My impression is that by default in fedora, virt-manager runs as
> non-root. I guess it might ask for the root password in order to
> manage the libvirtd that runs as privileged mode, but even in that
> case the user interface would run as your
On 11/17/2015 06:25 PM, Tom Hughes wrote:
> On 17/11/15 18:11, Andrew Haley wrote:
>> On 11/17/2015 05:55 PM, Joonas Sarajärvi wrote:
>>> My impression is that by default in fedora, virt-manager runs as
>>> non-root. I guess it might ask for the root password in order to
>>> manage the libvirtd
On Fri, 2015-10-30 at 14:58 -0700, Andrew Lutomirski wrote:
> On Fri, Oct 30, 2015 at 2:48 PM, Adam Jackson wrote:
> >
> > Anyone running any X (or wayland) application as root in their desktop
> > session is completely bonkers and deserves every consequence of their
> > poor
On Nov 2, 2015 7:05 AM, "Adam Jackson" wrote:
>
> On Fri, 2015-10-30 at 14:58 -0700, Andrew Lutomirski wrote:
> > On Fri, Oct 30, 2015 at 2:48 PM, Adam Jackson wrote:
> > >
> > > Anyone running any X (or wayland) application as root in their desktop
> > >
Hi,
> It's certainly the case that *gnome* might do something ridiculous if
> you 'sudo gedit' something, but 'sudo emacs' really ought to be
> equally acceptable regardless of whether you're using the terminal or
> X frontend.
emacs is probably okay, just by virtue of the fact that if the admin
On Fri, Oct 30, 2015 at 2:48 PM, Adam Jackson wrote:
> On Fri, 2015-10-30 at 11:41 -0400, John Dulaney wrote:
>
>> As Halfline points out, the decision needs to be made whether to allow
>> gui applications to be run as root. I figured I'd bring this up for
>> discussion in the
On Fri, 2015-10-30 at 11:41 -0400, John Dulaney wrote:
> As Halfline points out, the decision needs to be made whether to allow
> gui applications to be run as root. I figured I'd bring this up for
> discussion in the hopes that a decision may be made whether or not to
> allow this.
Anyone
Recently, I filed a bug (1274451) about running virt-manager on Wayland.
As it turns out that this is applicable to running gui applications as
root on Wayland in general, the scope was changed (see Cole's comments).
As Halfline points out, the decision needs to be made whether to allow
gui
- Original Message -
> Recently, I filed a bug (1274451) about running virt-manager on Wayland.
> As it turns out that this is applicable to running gui applications as
> root on Wayland in general, the scope was changed (see Cole's comments).
>
> As Halfline points ou
43 matches
Mail list logo