gksudo potentially very insecure

Oliver Grawert ogra at ubuntu.com
Tue Jul 5 08:05:42 CDT 2005

Am Dienstag, den 05.07.2005, 08:30 -0400 schrieb Rouslan Solomakhin:
> On Tue, 2005-07-05 at 13:19 +0200, Wouter Stomp wrote:
> > A solution would be to not ask for the password again in gnome when
> > starting the same program again, but do ask for it when starting a
> > different program. I don't think that will pose a burden to anyone. At
> > the commandline, with sudo, the current behaviour is no problem, and I
> > think that is what you are referring to when saying it would be a
> > burden to type it over and over again.
> IMHO, the best solution would be to pop up a notification window (i.e.,
> information dialog) when gksudo is not going to ask for a password. One
> extra click is not as hard as entering the whole password, but it will
> make users aware of their increased privileges.
quoting from http://udu.wiki.ubuntu.com/UsingSudo :

"A indicator should show up in the notification area during the 5min
timeout while i can use the gained admin rights without re-entering the
password, giving an option to cancel "god mode" imediately."

<hint>its still looking for someone to implement it</hint> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.ubuntu.com/archives/ubuntu-devel/attachments/20050705/4f49face/attachment.pgp

More information about the ubuntu-devel mailing list