[Gambas-user] Access global variable from other .class
Bruce
bbruen at ...2308...
Mon Jun 18 16:12:49 CEST 2012
On Sat, 2012-06-16 at 16:24 +0300, Jussi Lahtinen wrote:
> > No, xdg-su is no longer part of xdg-utils.
> >
>
> Do you know reason for this?
No, I just look at the latest releases.
>
>
>
> > I have not used the xdg-su script for privilege escalation, but a quick
> > (and I mean quick!) look through it at it stands is not going to be a
> > great success.
> >
>
> Privilege escalation means exploitation, not use of intentionally
> implemented feature to gain higher privileges.
> http://en.wikipedia.org/wiki/Privilege_escalation
>
Yes, but when I was young it meant the latter. :-) (That was before
"bad" hackers made their appearance on the planet. They've even stolen
our language, sheesh!)
>
>
> The fact is, there isn't and one of the major reasons is the old ongoing
> > su/sudo argument and how certain distros implement their own policies
> > regarding this. (I don't intend on pursuing that argument further here)
> >
>
> Is there some desktop distro without graphical sudo!?
>
As far as know, at least CentOS doesn't have a graphical authorisation
utility for sudo.
>
>
>
>
> > GKSU/GKSUDO
> > Pro: Easy to use, can handle complex command strings*, easy to configure
> > the authorisation gui to suit
> > Con: There are some security issues, the major one to me is that it
> > escalates the current user's privilege, not the current process.
>
>
> Not true if you use gksudo or gksu with -c.
>
As far as I know, on some mandriva related distros with gnome desktops
installed, it still bumps the user privileges even if -c is used.
>
>
> Even more of an issue is that the escalation actually remains in force for a
> > period of time after the gksu command is finished.
> >
>
> It is applied only if next commands are used also with sudo/etc.
> Also this time is fully configurable, and if you want you can force it to
> stop immediately with "sudo -k".
>
Hmm. I have seen gksu (not gksudo) run in a terminal to do something and
then followed by a privileged command that was not denied. Again, this
was on a mandriva derived distro.
e.g.
$ gksu whoami
/root
$ ifconfig ...
>
> * a complex command string being something like
> > 'cd /home/blah/blah;echo pwd; make install; echo "Success!"'
> >
>
> I think you mean 'cd /home/blah/blah;echo pwd; make install && echo
> "Success!"'.
> ;)
>
Probably, but around here we do not accept failure :-)
>
> Jussi
More information about the User
mailing list