On 18 November 2015 at 20:09, Adam Jackson <ajax@xxxxxxxxxx> wrote: > On Wed, 2015-11-18 at 11:53 -0800, Andrew Lutomirski wrote: > >> I don't understand. If a user who has the right to act as root asks >> to authorize a program to run as root on their behalf, we should grant >> that request. And, once we grant it, we shouldn't be >> passive-aggressive and say "sure you can run it, but no graphics for >> you!". > > The point is, if things in Fedora require "run this bit of GUI as root" > in order to function, we've done a poor job. That people have bad > habits already is not sufficient justification to encourage them to > have more. > > To the bug in question: probably we should make it so 'sudo gedit' does > work, but I'd still strongly discourage anyone from actually doing so. > Not really getting this. For any configuration task where you replace editing a root owned text file with access through some authorised gui, that gui is still vulnerable. It may have theoretically reduced risks (assuming its permission to alter things is suitably locked down, not sure how well that is down generally), but it still has them and potential vulnerabilities. Versus being able to use a text editor, which is necessary for people using customised systems even in the hypothetical world where everything provided by fedora provides a perfect tool for configuring it. My conclusion would be better security and controls for gui tools that need general access to root owned resources. -- imalone http://ibmalone.blogspot.co.uk -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
