Indeed this is due to the new architecture of gnome-system-tools in
Edgy. The backend now is entirely separate, the frontend runs as normal
user, and they communicate over dbus. The current dbus policy is to
allow access to members of the admin group. Thus there is no sudo
involved any more.
This drops the additional safeguards that gksudo provides, like
verifying the person that is currently sitting on the computer (if there
is no active sudo timestamp at least), although with physical access
this merely provides a delay and does not stop any local attacks.
I'm aware that it is less than ideal, but until we have PolicyKit (in
edgy+1, I assume) we have to find a compromise for this. Right now
privilege transition works the same way as gnome-power-manager and
friends get root access.
** Changed in: gnome-system-tools (Ubuntu)
Importance: Untriaged => Medium
Status: Rejected => Confirmed
--
run action as root without prompting for a password
https://launchpad.net/bugs/59946
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
