Getting close here folks! Looking good.
Craig White
craigwhite at azapple.com
Wed Nov 15 17:38:58 UTC 2006
On Wed, 2006-11-15 at 11:13 -0600, Mike McCarty wrote:
> Les Mikesell wrote:
> > On Wed, 2006-11-15 at 08:48 -0700, Craig White wrote:
> >
> >>----
> >>most people have the good sense not to run GUI as root
> >>
> >
> >
> > That makes GUI system administration tools kind of a dead
> > end, doesn't it? Odd that the installer runs X these days
> > too..
>
> No, it doesn't. The GUI doesn't have to run with root privilege.
> It can run as an ordinary front end to command line commands,
> and prompt for the root password. Then it can run suid temporarily
> only from time to time as necessary.
>
> An installer and a running system connected to the 'net are two
> different things.
----
"That makes GUI system administration tools kind of a dead end, doesn't
it?"
You are talking about one single tool, not the panacea of processes that
is the GUI which would be running as root.
Mike is right, the GUI installer doesn't have to run as root, but root
privileges are pretty much necessary throughout the anaconda process.
The GUI is an end user convenience. The text install does more or less
the same thing as the GUI.
I gather that the assumption is that for a limited duration, for a
specific purpose (installation), for a specific process (anaconda), that
the GUI is a reasonable option for root. Clearly there is a world of
difference between this usage and everyday desktop usage. While you can
execute commands that are included on CD 1 /bin;/sbin;etc. as root, you
can't execute anything of substance within the GUI and therefore,
running GUI as root is as safe as anaconda, which of course is an
entirely different debate.
Craig
More information about the users
mailing list