<quote who="Sven Luther"> > No, i think your first understanding was right, what i think is that the > root needing apps in gnome should be able to work as user (for the allowed > users or something) if you are going to forbid to use gnome as root.
The issues are entirely separate. We need a permissions-granting mechanism regardless of the status of the GDM option. > > No, not really. This is not a general solution. Lots of people don't > > have sudo installed, let alone use it, let alone know how it works. Is > > there even a reasonable sudo *configurator* GUI? Can't find anything in > > Debian, which for all intents and purposes means "no". :-) > > Ok, i understand that it is not the right solution, it would be fixing > things for people who know how to do it though. And the lack of sudo > configuration GUI is no argument. We only need someone to write it, which > is the same thing that is needed for the proper solution. No, it's not. A general solution would not rely on sudo at all. > > Why not use (and put a pretty / usable face on) existing infrastructure? > > Which ones ? su, sudo, pam, other systems in other environments. > I think i have seen in one of the gdm changelogs that the gdm author > didn't think such a thing was feasible, don't know the details though. This has nothing to do with GDM. > > It also sounds somewhat overblown and unnecessary. You're trying to put > > a usable face on a process that most users simply won't care about. > > Stupid but relevant point: Ever seen a Mac or Windows user boot a > > different kernel? :-) > > Well, you are falling again into the most users don't need it, so it is > not worth it, and anyway, you are wrong, windows has this 'reboot into > msdos' thingy, which is comparable in functionality. > > Also all people who want to use their box for games are often forced to > reboot into windows, but i forgot, gnome is now aimed at corporate > desktops. I believe you're wrong, and not focusing on what's actually important. But this is all off-topic. [ 8< snip random personal issues 8< ] > > Anyway, the point is that GNOME needs a general solution to these > > problems that is portable and secure. > > I don't understand the portability problems. I also don't understand the > security problems. > > The point is that there are some apps that need root. These can easily be > solved by using sudo, or better yet by creating a group which has the > right to modify them, and adding the user to this group. Not a single line > of code would need to be modified. Can you see that these statements do not work well together? Sorry, but if don't understand the security/portability issues, nor want to find out about them, you're not actually saying anything useful. What you have said not correct (it is not a simple issue). > So you could solve this in a transparent way simply by using the right > kind of group, and i suppose you would need a group handling GUI for > this, but it is a known and working unix solution to this. A general solution, which this is not, is not that simple. And without a general solution, you haven't solved much. Sorry. - Jeff -- linux.conf.au 2004: Adelaide, Australia http://lca2004.linux.org.au/ "Biology is the only science in which multiplication means the same thing as division." - Greg Leblanc
