On Tue, Apr 10, 2007 at 07:59:14AM -0400, Matthew Miller wrote: > On Tue, Apr 10, 2007 at 03:34:23AM -0400, David Zeuthen wrote: > > Btw, the rant of mine that Matthew pointed to was more concerned with > > the sad fact that we run a bunch of X11 apps as root.. Just don't run > > any X11 apps as root; it's a really really bad idea, thanks :-) > > Yeah but it's such a good rant. :) > > And seriously, although X is the most obviously scary, the same thing > applies to any setuid code beyond the incredibly trivial. Well... the getSystemId executable I want to run is _not_ a GUI app, and the executable only takes two parameters that I can turn off if real uid != effective uid, effectively making it a program that outputs only with no user input. The information returned is not secret info. Basically just saying what the Dell system ID is (not available in HAL currently), plus a couple other things that can already be gotten through HAL. I'll see what I can do, and if I end up doing SUID, I'll post it for review before I stick it in my RPM. I'm investigating HAL and DBUS now. It may prove to be an excellent alternative if I can wrap my head around all of it. -- Michael -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
