[Thunar-dev] Feature request: superuser mode
Danny Milosavljevic
danny_milo at yahoo.com
Fri Sep 1 18:48:24 CEST 2006
Hi,
On Thu, 31 Aug 2006 07:55:31 +0200, N. Volbers wrote:
> Danny Milosavljevic schrieb:
[...]
>> I thought running X (or worse, gtk) applications as root was a security
>> hazard.
>
> I am not talking about running X as root. And IMHO running a single gtk
> application as root is definitely the better solution than running your
> whole X session as root.
Even better is running _only_ the actual
readdir/cp/mv/unlink as root.
But maybe that's just me.
>
> I am a big fan of the shell, but I don't believe it should be a
> neccessity to use it if you want to delete/modify/rename/whatever some
> system files.
Of course not, that would be ridiculous.
> So what this superuser mode (which is now already implemented, thanks
> Benedikt!) is all about, is the ability to spawn a new instance of
> thunar
I see that I was not clear enough.
It is dangerous to _ever_ spawn X stuff at all as root.
Read: X is buggy, gtk is more buggy and probably has
more holes than a swiss cheese.
Or is it better nowadays?
> for these rare cases where you need superuser access (using gksu
> or something similar), and then, because just as you said it is
> dangerous to work as root, to remind you of the fact that you are
> running thunar as superuser.
Then it's too late.
Or is it all about risk management? :)
cheers,
Danny
More information about the Thunar-dev
mailing list