On 07/27/2017 09:39 AM, Luigi Toscano wrote: > Il 27 luglio 2017 18:02:45 CEST, Ben Rosser <rosser.bjr@xxxxxxxxx> ha scritto: >> On Thu, Jul 27, 2017 at 11:50 AM, Luigi Toscano >> <luigi.toscano@xxxxxxxxxx> wrote: >>> No, because they will be able to edit privileged files. It is a >> security problem. >> >> I don't really have a strong opinion on this thread one way or the >> other, but... how is it a security problem if a user who has root >> access to the system anyway wants to edit privileged files? > > The user need to provide a password to access the privileged files, and the only operation allowed will be the requested one against that file. Running an entire application as root expose all the possible operations: > > https://blog.martin-graesslin.com/blog/2017/02/editing-files-as-root/ > > Yes it does expose privileged files, and that would be the point. It is enough to ask for a password to run the app, like "kdesu konqueror". Forcing me to enter a strong pass phrase with every operation is just silly. Especially as I would have had to enter my pass phrase to open to app in the first place. You have just added a completely unnecessary hindrance to me getting my work done. And you have probably forced me to use weak passwords in order to get work done. Emmett _______________________________________________ kde mailing list -- kde@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to kde-leave@xxxxxxxxxxxxxxxxxxxxxxx
