Posted Nov 20, 2009 16:04 UTC (Fri) by drag
In reply to: sudo granularity
Parent article: Fedora 12 to remove unprivileged package installation
If you use Packagekit and Policykit you can configure it to do pretty much the entire thing without
allowing the user any access to the root account.
This is the biggest advantage over sudo. Sudo gives access to the root account and that is a bad
Yes, it can be configured to do a per-binary or even restrict people somewhat on the types of
commands they can execute, but the problem you run into is that if there is any vulnerability in any
of that program you're handing over, or if it's possible to mishandle it in any way, then that is an easy way
to get root access to your machine.
With *kit/PolicyKit all you have to worry about in terms of vulnerable code is the D-Bus interface
for the privileged daemon. As long as that is good then you know you're safe. Of course you'll never be
able to get rid of sudo, it's a very valuable administrative tool, but if you can
cover common desktop cases in a more secure manner then that's a big win.
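As an added illustration of the point made above (not part of the original comment or of PackageKit itself), this is what granting "install packages, but not root" looks like with the PolicyKit local-authority format of that era: the grant names a PackageKit action, not a binary, so the only privileged code reachable by the user is the packagekitd D-Bus method behind that action. The file path and the `wheel` group are assumptions for the example; `org.freedesktop.packagekit.package-install` is a real PackageKit action.

```ini
; Assumed location: /etc/polkit-1/localauthority/50-local.d/50-packagekit-install.pkla
; Each section is one rule; PolicyKit evaluates them in file order.
[Let the wheel group install packages without a root shell]
Identity=unix-group:wheel
Action=org.freedesktop.packagekit.package-install
; Remote/inactive seats get nothing; the active local seat must
; authenticate as an admin once, then the grant is cached for the session.
ResultAny=no
ResultInactive=no
ResultActive=auth_admin_keep

; Contrast with a sudoers line such as
;   %wheel ALL=(root) /usr/bin/yum install *
; which hands the group the whole yum binary, every option it accepts and
; every bug in it, running as uid 0. The pkla rule above exposes only one
; D-Bus method of the already-root daemon, which is the attack surface the
; comment says you are left having to trust.
```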