On Mon, 24 Feb 2020 13:46:46 +0100
Didier Kryn <kryn@???> wrote:
> Le 24/02/2020 à 10:44, aitor a écrit :
> > Hi Didier,
> >
> > En 24 de febrero de 2020 10:01:33 Didier Kryn <kryn@???>
> > escribió:
> >
> >> Le 24/02/2020 à 01:16, Aitor a écrit :
> >>>
> >>> Hi Tito,
> >>>
> >>> On 23/2/20 17:02, Tito via Dng wrote:
> >>>> Why use 2 binaries rather than one, more programs, more code,
> >>>> more communication in between them equals to more attack surface.
> >>>> I would stay with just one suid binary, more so if you want to
> >>>> go the su-only route.
> >>> I'll answer to this question in more detail: the requeriment of
> >>> suid privilegies implies an additional (non GUI) binary due to
> >>> the fact that the usage of any GTK suid binary is impossible.
> >>> Read here:
> >>>
> >>> http://soc.if.usp.br/manual/libgtk2.0-doc/faq/x392.html
> >> Does it mean that synaptic works that way with droping
> >> priviledges in the GUI?
> >>
> >> Didier
> >
> > Synaptic is run as root via sudo/su. There are no suid privilegies
>
> Hi Aitor.
>
> Sure, but it is running a GUI with root priviledge. I thought
> this was the danger and I understood this was forbidden in GTK+.
>
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
It's not a big deal as long as it's not some crazy bloated mess like a
web browser or something.
--
_________________________________________
/ This is the story of the bee Whose sex \
| is very hard to see |
| |
| You cannot tell the he from the she But |
| she can tell, and so can he |
| |
| The little bee is never still She has |
| no time to take the pill |
| |
| And that is why, in times like these |
\ There are so many sons of bees. /
-----------------------------------------
\
\
/\ /\
//\\_//\\ ____
\_ _/ / /
/ * * \ /^^^]
\_\O/_/ [ ]
/ \_ [ /
\ \_ / /
[ [ / \/ _/
_[ [ \ /_/