Running graphical programs as root
Kevin Chadwick
ma1l1ists at yahoo.co.uk
Mon May 7 15:57:56 CEST 2012
On Sat, 05 May 2012 18:28:23 +0100
Neil Winchurst wrote:
> Well, I am surprised to get so many replies to my query. It all seems
> more complicated than I thought. I do use the terminal screen a lot and
> I am happy with it. However, occasionally I need to make a small change
> to a text file that is owned by root. I could change the permissions via
> a terminal screen and then call up a gui text editor, (eg gedit, kate)
> to make the change. However in Kubuntu I use kdesudo before the name of
> the gui editor and have to give my password. Then I can make the
> change(s) and save the file.
There is an increased level of exploitation potential of running graphic
programs as root, even apt-get runs the downloads as root when it
would be better to utilise an unpriviledged process. These are things
distros should fix. I know this and use graphic programs like synaptic
on systems like my TV, but wouldn't on business desktops or servers.
If you have a default sudoers allowing all commands then the following
is irrelevent but if you ever decide to lock down your system with
sudoers so the password only allows certain things, bear the following
in mind.
With editors and other certain commands or programs there's an extra
problem of allowing editing of apache.conf also allowing escapes and
editing of any random file such as removing your kernel and
preventing booting or installing trojans. Sudoedit's single or atleast
main purpose is to prevent that.
If your using the terminal anyway your best off getting used to sudoedit
filename. There really should be a gui program obviously offered by
distros that utilises sudoedit safely so you can use find and replace
easily without learning sed etc. but I guess the terminal is seen as so
valuable and it should be used.
> I could change the permissions via
> a terminal screen and then call up a gui text editor, (eg gedit, kate)
> to make the change.
You could do that and still restrict sudoers to just editing certain
files if you ever choose to. Of course that file won't require a
password to edit during that time, which may for certain files have
no potential repercussions?. Rather than changing permissions you could
also allow sudo to copy a file and change it's permissions. Edit it
with kate (I love kate) and all it's features, check it and use install
to copy and change it's permissions in one go (atomically) to where a
program reads it. resolv.conf would be one potential target to an
attacker who has normal user access via exploiting your web browser.
Then when you visit bank.com you might actually be talking to bank.co.
To avoid that particular scenario, using a seperate user or rebooting
may also work or be added measures of safety. You may decide that's
acceptable and easier.
These days sudoedit probably uses nano in the background by default on
your distro and so you shouldn't even need to learn any syntax. Just
type away and you should be able to even copy and paste within X11.
There's a far higher chance of your password being gained by an
attacker on X11 for multiple reasons than a terminal (Ctrt-ALt-F1 to
F12) and yet that's where the password usually offers the most powers.
Sad but true and the picture for Windows 7 is far worse, whatever you
hear.
More information about the Xfce
mailing list