On Fri, Dec 12, 2003 at 10:56:17AM -0600, Jack O'Quin wrote: > If refusing to run with any privileges is their goal, then they have > failed completely. We do it all the time right now using JACK > capabilities, which bypasses their checks entirely, or by running as > root with `sudo' or `su'. > > This is the heart of their problem. GTK *cannot tell* when it is > running at elevated priviledge levels. It does not detect privilege > levels at all, but merely disallows two of the 17 possible ways of > gaining privilege. By disallowing the mechanism but not the privilege > their action becomes counter-productive, forcing people to use cruder > mechanisms than would otherwise be necessary to acquire the privileges > they need.
Those might be lightened a bit, but they might go well into your letter.
