Tony Whyman wrote:
What's interested me is how this thread has almost looped back to a recent thread on that steaming heap of brown stuff know as GTK and the attitude of the programmers behind it.
It wasn't intentional :-)
They make the point here that GTK is (too) complex and difficult to analyse hence setuid (and setgid) is bad on the grounds that no one knows how it could be mis-used.
Assuming that this problem still exists in GTK2, it may get in the way of what otherwise could be a good way to solve the original problem in this thread.
There's certainly still problems setting running something setuid root, I can't speak for using a less-privileged user. I think you might be able to work around some (but not all) of the issues using capabilities.
The thing that I found most incredible about the attitude of the GTK developers was that they used the fact that Linux changes /internal/ interfaces as a precedent that they claimed justified their changing /external/ APIs (i.e. as available to application programmers).
-- Mark Morgan Lloyd markMLl .AT. telemetry.co .DOT. uk [Opinions above are the author's, not those of his employers or colleagues] _______________________________________________ fpc-pascal maillist - fpc-pascal@lists.freepascal.org http://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal