[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [E-devel] Priviledged Execution




The GOALS:

1. KISS
2. Don't dictate to the system admin (i.e. if he wants to use groups to
control access fine, we should be able to still live with or without his
inteference)
3. We should be able to function properly when no one is logged on.

The PLAN:

1. When starting check if someone is already logged on.
    If logged on:
       Are we root? if yes - continue, we love you
       if not do we have write permissions on the file? - Continue we
love you
       if not -
            inform d00d and ask said d00d to save to alternate location.
    if not logged on:
       Attempt to authenticate as root. If pass - continue we love you
       if fail - d00d... contact your system admin

I think - Attempt to authenticate as user/password. If logged ...
(Other problem is in Ubuntu - "no root password" and all the time "sudo with
a user password")

The CONSEQUENCES:

1. When root is logged on, [s]he can edit run without problems
2. When another user is logged on, [s]he can run IF they have write
permissions on that file (so the sys admin can decide to use groups to
control access too)
3. When logged on, Any user that is neither root, nor have write access
to the config file, can run entrance_edit_gui, but will only be able to
save an alternate config file, not the *main* one.
4. When not logged on, you MUST supply the root password before we
launch, else no show.


the same.

There... we have it... GPC (Goal, Plan, Consequences ;)), I'll
appreciate any more crucifixion on said plan before i start
implementing... what i'll do tonite, is make that authentication code in
entrance easily reusable.

Cheers,
Essien

nice