K
Kerry Brown
Stephan Rose said:Difference is though that Gksudo only presents itself when the user
actually
runs it. Ie...if I run "gksudo myapp" I will see the prompt as you
describe
it.
If I just run "myapp"...I will never see a prompt no matter what it tries
to
do. Anything it tries to modify that it is not allowed will simply be
denied to it. An app not started under elevated permissions can never gain
elevated permissions.
The line "gksudo is a graphical frontend to sudo included with Ubuntu. It
comes up automatically when an application tries to perform an action
requiring root privileges." is actually a little bit misleading.
The only reason gksudo comes up automatically is because it is part of the
shortcut in the system menu for launching the app.
For example (from a commandline):
gksu synaptic
Starts the gksudo prompt for elevated access, and if I enter the password
correctly...then starts synaptic, the package manager. This is how it is
started via the system menu.
However...if I just run "synaptic"..I am greeted with a dialog from
synaptic
telling me it has no elevated access and can therefore not perform certain
system related functions requiring that access. And that's it. It will
never gain elevated access until I close it and restart it with proper
access.
That to me is where UAC's problem lies. An application not started with
elevated permissions can still gain them via the UAC Prompt when the app
tries to do modify the system.
And what's to stop a rogue program from using "gksu run_this_malware"? We
would be back to the same issue. Most current security can be bypassed by
using social engineering. That's the problem with using user accounts as a
security boundary. Presently it's a tool we use but in the long run probably
not a good practice. As OS' evolve this will have to be worked out. Until
this happens we are stuck with things like UAC and sudo or gksu.