:: Re: [DNG] gvfs depends on libsystem…
Top Page
Delete this message
Reply to this message
Author: Rick Moen
Date:  
To: dng
Subject: Re: [DNG] gvfs depends on libsystemd0
Quoting Alessandro Selli (alessandroselli@???):

> IMO, using root's password in those same cases is the worst possible
> password use case. One thing is your non-privileged user's password
> being captured when you mount an external drive, a different thing is
> giving away root's password performing the same trivial task.


You might have missed my point that your suggestion makes that
'non-privileged user's password' privileged -- such that every time you
use it in any situation, you are exposing a privleged password. Which
I deem very undesirable.

>> but it also has a secondary use to escalate privilege to root.
>
> Just like using su does.


'su -' does of course escalate (obviously), but _not_ as a secondary use
of an otherwise non-privileged login. But I think the point should be
clear, and I don't care to keep re-discussing this point.

Anyway, I'm glad whatever you do works for you.

> Needing to type it just to mount an external drive increases the
> chances it will be used many times when easily avoidable.


As already mentioned, this does not describe my experience.

> This too would be a better solution than having to use su to just
> mount external drives.


I do not concur, because IMO mounting/umounting is, in the general case,
security sensitive and ought to be treated with caution, which includes
not permitting arbitrary mounts/umounts by unprivileged users. But I
think the point should be clear, and I don't care to keep re-discussing
this point.

> This is precisely the reason I suggested using sudo, which allows
> fine-tuning who gets to do what as another user.


IMO mounting/umounting is, in the general case, security sensitive and
ought to be treated with caution, which includes not permitting
arbitrary mounts/umounts by unprivileged users. But I think the point
should be clear, and I don't care to keep re-discussing this point.

> This too is much better than having to use su.


IMO mounting/umounting is, in the general case, security sensitive and
ought to be treated with caution, which includes not permitting
arbitrary mounts/umounts by unprivileged users. But I think the point
should be clear, and I don't care to keep re-discussing this point.

Anyway, I'm glad whatever you do works for you.