Dear gksu maintainer,

Can you make gksu's default behavior to be "gksu --disable-grab"?

I think we lose nothing significant by doing this. We gain remote access and we gain stable invocation of configuration tools under CJK environments where input method (IM) support is needed, as I read in the BTS.

Since I am asking to relax so-called *security* measures, I am CCing [EMAIL PROTECTED] and DDs with affected packages to get the opinion of a wider audience.

I know that some people surely think even use of gksu is bad: #211900 states

  "I don't want to encourage users to put in their root password in an X session, because that is not secure."

This has a good point. So relaxing gksu may look even worse from this kind of view. But addressing this concern should be done differently (like sudo).

======================================================================
Fundamental question:
  What shall be the right way to allow root privilege under X for Debian? (synaptic uses gksu now)

Proposal (simple one for sarge)
  Make gksu's default behavior to be "gksu --disable-grab"

Proposal (alternative workaround, last resort for sarge)
  Make all the menu entries for synaptic and other programs which use gksu use the "--disable-grab" option.

Proposal (alternative, something for post-sarge)
  Make all the menu entries use a sudo-type program (gksudo?) so policy based user privilege setup without root password is possible. Also "--disable-grab" needed. If user is not allowed, make nice message refusing execution.
======================================================================

Rationale (Summary):

Although the intent of grabbing stdin and mouse by the gksu program sounds good from a so-called *security* standpoint, it can cause random havoc for CJK environments and seems to be unusable for remote access X environments, without achieving significant security improvement. Thus I am requesting to disable this "grab" feature of gksu.

Although su locks stdin, it fails much less drastically. I do not think sudo locks stdin.

If this is still a desirable feature, this gksu program should not freeze X or segfault when it encounters some other program trying to grab mouse or stdin from gksu.

Most affected software:
  scim (and possibly other CJK input methods)
  synaptic and other system configuration tools using gksu

==========================================================================

Rationale (Additional details):

gksu, once started, grabs stdin and mouse to prevent security issues per its documentation. This behavior can be disabled by using the "--disable-grab" option.

This is causing many bug reports, I think. Related bugs I found are

scim: CJK input method which redirects input through IM when invoked with CTRL-SPACE
  http://bugs.debian.org/283746 (Frozen X for synaptic)
synaptic: started under menu with gksu
  http://bugs.debian.org/289994 (Frozen X)
  http://bugs.debian.org/211900 (No gksu+root-passwd in menu)
gksu:
  http://bugs.debian.org/271567 (Frozen X, gnome-session)
  http://bugs.debian.org/280914 (Segfaults, remote X)
  http://bugs.debian.org/280899 (Cannot pipe stdin)
  http://bugs.debian.org/277723 (Lockup KDE for synaptic)

IMHO, if you are working in an X environment where malware exists but is prevented from grabbing passwd input by gksu's grab feature, this malware can still do bad things by changing the user's synaptic menu to use "gksu --disable-grab". So you are already doomed.

If what we need is to set up access control to the programs requiring root, use a sudo-type arrangement. (gksudo?)

FYI: Aptitude will prompt you for root passwd if you installed it. (Maybe it should check sudo existence and use it if available.)

Osamu

-- 
~\^o^/~~~ ~\^.^/~~~ ~\^*^/~~~ ~\^_^/~~~ ~\^+^/~~~ ~\^:^/~~~ ~\^v^/~~~ +++++
        Osamu Aoki <[EMAIL PROTECTED]>   Brussels Belgium, GPG-key: A8061F32
 .''`.  Debian Reference: post-installation user's guide for non-developers
 : :' : http://qref.sf.net and http://people.debian.org/~osamu
 `. `'  "Our Priorities are Our Users and Free Software" --- Social Contract