On Tue, Apr 10, 2007 at 05:11:36PM +0200, Hans de Goede wrote: > And this is where I don't get the rant, afaik system-config-xxx aren't > suid root, they call a (one would assume audited) helper program to become > root, by use of the root password, so there is no chance for privelidge > escalation here, because the user has the root password, the user cannot > get any more privilidged then that AFAIK. So where is the problem? Theoretically, one can configure these programs to allow authentication as a user other than root, including sudo-like reauth-as-self operations. That would be very useful functionality. In fact, it'd be reasonable to configure many of them on desktop systems to be allow local use without any password prompt. -- Matthew Miller mattdm@xxxxxxxxxx <http://mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/> -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
