Vote for new Ubuntu Feature---Let's try it again

[Derek Broughton]

Scott Kitterman wrote:

> On Tuesday 09 January 2007 08:38, Wulfy wrote:

>> How is asking for a password which must be correct and the user with
>> sudoer having rights to do the operation in question (or the
>> authorisation fails) granting "free and clear access to everything" or
>> "run[ning] your system in a horribly insecure way by logging in... as
>> root"?

I agree - even though I _don't_ think this is a particularly good idea.

>> If a random user typed sudo <command> it would work only if the user
>> had the privileges to do it.  As I understand what the OP is asking for,
>> if the system finds that the user doesn't have the privileges for a
>> particular operation, it runs sudo to authenticate.
>>
> That's what he thought he was asking for, but his example requires a
> running program to be able to escalate it's privileges.

No it doesn't.  It could be done in the shell.  It could be the "baash"
shell (The Bourne Again, Again, Shell).  When a command fails, due to lack
of privilege, try to reexecute it with "sudo".  The downside is that I
doubt you can usually tell when something fails because of privilege - in
which case you'd need either every script or program to return
an "unprivileged" return code (generally considered insecure in itself - a
secure system doesn't even indicate a program exists if you don't have the
right to run it) or some kind of kernel trap to signal an unauthorized
access.  Then you'd _still_ need to rewrite everything to check its
privileges before actually doing any work.

A much simpler solution that could do some of this would be to have the
shell automatically invoke sudo for any command not available in the
current path.  Again, I don't like it :-)
-- 
derek