[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [E-devel] Priviledged Execution



On Monday, 06 November 2006, at 16:30:16 (+0100),
Essien Ita Essien wrote:

> I'm just putting out feelers for ideas (a.k.a. best practices if
> such exist), for how to implement Priviledged Execution for
> Entrance_Edit_GUI

Best practice:  Don't do it.

> The problem is that, the config file is /etc/entrance_config.cfg,
> which is protected file, but all users *can* run entrance_edit_gui
> for now.

There is no point letting any user run entrance_edit_gui.  Only root
should be able to run it.

> Whats the best practice for implementing stuff like this in a GUI
> environment?

Don't.  It's too hard to audit the code.

Michael

-- 
Michael Jennings (a.k.a. KainX)  http://www.kainx.org/  <mej@kainx.org>
n + 1, Inc., http://www.nplus1.net/       Author, Eterm (www.eterm.org)
-----------------------------------------------------------------------
 "Sometimes I give myself the creeps.  Sometimes my mind plays tricks
  on me.  It all keeps adding up; I think I'm cracking up.  Am I just
  paranoid?  Am I just stoned?"            -- Green Day, "Basket Case"