Vote for new Ubuntu Feature---Let's try it again --- and without getting all religious about it

Fri Jan 12 01:00:58 UTC 2007

Jeffrey F. Bloss wrote:

> Derek Broughton wrote:
> 
>> >> Don't be silly - applications _do_ do this, and as Chanchao says it
>> >> isn't Unix blasphemy.
>> > 
>> > Yes, and if you read back through the thread I thought I'd made this
>> > clear when I stated quite plainly that there's two avenues of
>> > attack to this "problem"... either neutering the Linux/Unix
>> > security model, or convincing every Tom, Dick, And Harry software
>> > author to rewrite their wares in a compliant and *secure* way. Like
>> > I said, it's not gonna happen in our lifetime or likely any other.
>> 
>> But right here, Chanchao just asked for it to be done on a
>> per-application basis, and you told him that he was castrating the
>> unix security model. His suggestion most certainly does not.
> 
> It absolutely does! Software authors changing permissions mid-stream is
> a dire security problem. And other applications do NOT do this. The
> Linux kernel won't permit it except in the most unusual of
> circumstances, if at all. If you examine the few examples where people
> are being tricked into thinking it happens you'll find that they're all
> all exec-ing new processes with admin privilege. "Update Manager" execs
> a command shell for instance.

Exactly!  Which is all that chanchao suggested.  There is no privilege
escalation or security castration happening.
> 
> This is a completely different thing than Gedit elevating it's own
> permissions so it can save a file. 

And neither of us suggested it should - his suggestion was that gedit should
run sudo to cp a temp file, and if that wasn't clear enough I
_specifically_ said that.

> You can do that yourself with a script. Or manually. There's no need
> for any software authors to be involved, 

Of course you can, and of course there's not - which is why your reaction is
completely out of line with the reality of the situation.

> Nobody has yet explained to me what the problem is with simply using
> your brain for something besides keeping your skull from caving in,

Hey, I've got no problem with the system as-is, but you just went off the
deep end with a reasonable (if unworkable) suggestion from Chanchao.

> here's a free clue that might help stave off the ruination of Linux. ;)
> If it doesn't reside in your $HOME you probably don't have permission to
> change it...

Except that that's less and less true.  Probably 90% of the people reading
this list have full sudo rights on their machine.  They may have 2 or 3
other people using the machine who don't have those rights, but the folks
reading this list are the godlike ones :-)  Again, a better way of putting
it is probably that if it doesn't exist in your $HOME, you want to think
twice about changing it.
-- 
derek