On Tue, Jun 15, 2010 at 03:02:28AM -0700, Elazar Leibovich wrote:
> On Tue, Jun 15, 2010 at 12:44 AM, Oron Peled wrote:
>
> > On Tuesday, 15 בJune 2010 09:12:53 Elazar Leibovich wrote:
> > > Thanks for the long and detailed reply!
> >
> > Yes, but you (probabely by mistake) replied to me only.
>
On Tue, Jun 15, 2010 at 12:44 AM, Oron Peled wrote:
> On Tuesday, 15 בJune 2010 09:12:53 Elazar Leibovich wrote:
> > Thanks for the long and detailed reply!
>
> Yes, but you (probabely by mistake) replied to me only.
> I reply to the mailing list with your full content, so
> the context is not lo
On Tuesday, 15 בJune 2010 09:12:53 Elazar Leibovich wrote:
> Thanks for the long and detailed reply!
Yes, but you (probabely by mistake) replied to me only.
I reply to the mailing list with your full content, so
the context is not lost.
> Just to make sure I got you correctly, you're saying that
Allowing a desktop user to execute priviledged operations was tried
over the years with different (wrong) approaches. First, let's
summarize the old technical solutions and than explain their faults.
Finally, we'll see what better approaches are being developed or
deployed nowdays.
All legacy solu
I don't understand.
An executable can be signed or unsigned. Anyone can sign it, but the name of
the signee would appear on it.
If I see your script with your name on it, I can decide whether or not to
execute it.
What cannot happen in that case that I'll think your script is the update
manager, si
On Mon, Jun 14, 2010 at 09:22:23PM +0300, Elazar Leibovich wrote:
> On Mon, Jun 14, 2010 at 8:41 PM, Tzafrir Cohen wrote:
>
> > On Mon, Jun 14, 2010 at 08:12:43PM +0300, Elazar Leibovich wrote:
> >
> [snip]
>
> > > But I'm not interested with extra limitations. I want to allow the user
> > > sudo
On Mon, Jun 14, 2010 at 8:41 PM, Tzafrir Cohen wrote:
> On Mon, Jun 14, 2010 at 08:12:43PM +0300, Elazar Leibovich wrote:
>
[snip]
> > But I'm not interested with extra limitations. I want to allow the user
> > sudo'ing whatever he wishes, to allow any program to prompt for extra
> > permissions,
On 14/06/2010 19:12, Elazar Leibovich wrote:
The problem:
In the current workflow for desktop linux, you need to routinely
leverage the privilege of some GUI application. Those applications runs
constantly in the background and might prompt the user to take action.
We *want *those application t
On Mon, Jun 14, 2010 at 08:12:43PM +0300, Elazar Leibovich wrote:
> The problem:
> In the current workflow for desktop linux, you need to routinely leverage
> the privilege of some GUI application. Those applications runs constantly in
> the background and might prompt the user to take action.
> We
The problem:
In the current workflow for desktop linux, you need to routinely leverage
the privilege of some GUI application. Those applications runs constantly in
the background and might prompt the user to take action.
We *want *those application to constantly run in the background and prompt
the
On Mon, Jun 14, 2010 at 06:16:11PM +0300, Elazar Leibovich wrote:
> On Mon, Jun 14, 2010 at 6:04 PM, Tzafrir Cohen wrote:
>
> > On Mon, Jun 14, 2010 at 05:47:36PM +0300, Elazar Leibovich wrote:
> >
> > > Again, sudo is super.
> >
> > Surely it's not. Super is a sudo replacement.
> > http://package
On Mon, Jun 14, 2010 at 6:04 PM, Tzafrir Cohen wrote:
> On Mon, Jun 14, 2010 at 05:47:36PM +0300, Elazar Leibovich wrote:
>
> > Again, sudo is super.
>
> Surely it's not. Super is a sudo replacement.
> http://packages.debian.org/super
It is hard to find an adjective which is not a debian package
On Mon, Jun 14, 2010 at 05:47:36PM +0300, Elazar Leibovich wrote:
> Again, sudo is super.
Surely it's not. Super is a sudo replacement.
http://packages.debian.org/super
> I even considered a using it on some windows machine
> which unfortunately lack this feature. It's the Ubuntu GUI for levera
On Mon, Jun 14, 2010 at 4:54 PM, Tzafrir Cohen wrote:
> On Mon, Jun 14, 2010 at 05:36:33AM -0700, Elazar Leibovich wrote:
> > 1) I'm not sure sniffing your keyboard and recognizing when you type your
> > password is so easy, but I might be wrong.
> > 2) I believe that there's some mechanism which
On Mon, Jun 14, 2010 at 05:36:33AM -0700, Elazar Leibovich wrote:
> 1) I'm not sure sniffing your keyboard and recognizing when you type your
> password is so easy, but I might be wrong.
> 2) I believe that there's some mechanism which prevents any other software
> to mask graphically the authentic
1) I'm not sure sniffing your keyboard and recognizing when you type your
password is so easy, but I might be wrong.
2) I believe that there's some mechanism which prevents any other software
to mask graphically the authentication dialog, so that if you're seeing the
real authentication dialog - yo
On Mon, Jun 14, 2010 at 02:52:30AM -0700, Elazar Leibovich wrote:
> I think you're missing the very fundamental problem I was discussing.
> Sudo is great, having the default user in the admin group, enabling him to
> sudo everything is even better. But this applies only when working with the
> CLI.
On Monday 14 Jun 2010 12:52:30 Elazar Leibovich wrote:
> I think you're missing the very fundamental problem I was discussing.
> Sudo is great, having the default user in the admin group, enabling him to
> sudo everything is even better. But this applies only when working with the
> CLI.
> However,
I think you're missing the very fundamental problem I was discussing.
Sudo is great, having the default user in the admin group, enabling him to
sudo everything is even better. But this applies only when working with the
CLI.
However, when using a GUI system, and administrating your system using th
On Mon, Jun 14, 2010 at 08:49:21AM +0300, Elazar Leibovich wrote:
> When using my Ubuntu I used to make the following pattern, whenever an
> update symbol showed up in the "taskbar" above (in gnome it's the upper
> panel), I clicked on it, entered my password to sudo up the privileges of
> the upda
2010/6/14 Elazar Leibovich :
> Alas, in the latest version of Ubuntu the sudoers file says
> %admin ALL=(ALL) ALL
> and the default user is indeed in the admin group.
> Is that really a problem (I'm probably not the only one who noticed it)?
I suppose Ubuntu assumes, probably correctly for its ta
On Mon, Jun 14, 2010 at 9:12 AM, geoffrey mendelson <
geoffreymendel...@gmail.com> wrote:
>
> On Jun 14, 2010, at 8:49 AM, Elazar Leibovich wrote:
>
>>
>> It can't be that bad, I thought, I can probably only sudo a known program.
>> Alas, in the latest version of Ubuntu the sudoers file says
>>
>>
On Jun 14, 2010, at 8:49 AM, Elazar Leibovich wrote:
It can't be that bad, I thought, I can probably only sudo a known
program. Alas, in the latest version of Ubuntu the sudoers file says
%admin ALL=(ALL) ALL
At least it still requires you to enter a password. This prevents a
random pe
When using my Ubuntu I used to make the following pattern, whenever an
update symbol showed up in the "taskbar" above (in gnome it's the upper
panel), I clicked on it, entered my password to sudo up the privileges of
the update process, and installed the needed packages to the machine.
Then I thou
24 matches
Mail list logo