Package Manager Denies Permission to Install

Richard Hughes hughsient at gmail.com
Wed Jan 21 10:03:09 UTC 2009


On Tue, 2009-01-20 at 09:53 -0800, Kam Leo wrote:
> Well, if you can not trust a GUI then logging in as a user won't help
> either. Once that user invokes superuser powers there is no difference
> between him/her and root.

Incorrect. If the dialog stays as the user process (non-root) it can
communicate with a separate privileged process (running as root) using
some sort of untrusted IPC (over DBUS, socket, etc). We therefore allow
the untrusted process to authenticate (using PolicyKit) and do tasks
that are normally only allowed as root.

Just because a dialog pops up and asks for the root password, doesn't
automatically mean the GUI code is then running as root.

If you read http://hal.freedesktop.org/docs/PolicyKit/ it explains
nicely how the system works.

Richard.
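
The split described in the message above, sketched as an added example that is not part of the original post and is not PolicyKit code: the dialog side only names an action, while the helper takes the caller's uid from the kernel (`SO_PEERCRED`, Linux only) and decides. The `POLICY` table, the `org.example.*` action names and the `authenticate` callback are hypothetical stand-ins, and both ends run in one process over a socketpair purely for demonstration.

```python
import json
import socket
import struct

# Hypothetical policy table (constructed): action -> rule, standing in for real policy files.
POLICY = {
    "org.example.pkg.install": "auth_admin",  # needs the authentication step
    "org.example.pkg.refresh": "yes",         # allowed for any local caller
}

def peer_uid(conn):
    """Ask the kernel who is on the other end; never trust a uid sent in the message."""
    creds = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize("3i"))
    _pid, uid, _gid = struct.unpack("3i", creds)
    return uid

def helper_handle(conn, authenticate):
    """Privileged side: validate one request from the untrusted client and answer it."""
    try:
        req = json.loads(conn.recv(4096).decode("utf-8"))
        action = req["action"]; rule = POLICY.get(action)
    except (ValueError, KeyError, TypeError):
        reply = {"ok": False, "reason": "malformed request"}
    else:
        uid = peer_uid(conn)  # any "uid" field inside req is ignored on purpose
        if rule is None:
            reply = {"ok": False, "reason": "unknown action"}
        elif rule == "yes" or authenticate(uid, action):
            reply = {"ok": True, "reason": "authorized uid %d" % uid}
        else:
            reply = {"ok": False, "reason": "not authorized"}
    conn.sendall(json.dumps(reply).encode("utf-8"))
    return reply

def client_request(action, authenticate, extra=None):
    """Unprivileged side: send an action name, read back the helper's decision."""
    gui, helper = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    with gui, helper:
        msg = dict({"action": action}, **(extra or {}))
        gui.sendall(json.dumps(msg).encode("utf-8"))
        helper_handle(helper, authenticate)  # in a real system this runs in the root process
        return json.loads(gui.recv(4096).decode("utf-8"))
```
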




