Jasper Huijsmans wrote: >> For su it's easy, just check if the user is in the group 'wheel' or >> 'root' (depending on the system). > > I have the root password, how do you know that? The limitation for su to > the wheel group is only in the BSD's I think.
I don't remember exactly, but I think this is the behaviour on most of the commercial Unices. I think the limitation is only present in GNU su (Stallman had some weird reason for this). Anyways, this will be system-dependent, no matter what you do. >> For sudo it'd require parsing the >> sudoers file. > > The example was running gnome-terminal with su somewhere in the > arguments. We're not going to parse all the command lines, are we? You > are also already special casing su and sudo, but programs may have other > means to gain root priviledges, isn't it? A cross-platform solution, independent of the mechanism (that is su, sudo, etc.) would be perfect, definitely. But I doubt that this will ever be the case. So you'll need to limit the supported mechanisms. And if somebody really needs something other than su or sudo, then he/she should set RequiresRoot=No and use "mysudo program" or whatever for Exec. > It seems to me that the spec would be better of starting small, with > only 'RequiresRoot=Yes|No'. There's no advantage over the current situation if you cannot tell whether or not the user is allowed to execute the program as root. > Jasper Benedikt _______________________________________________ xdg mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/xdg
