What are these for?
Ian Malone
ibmalone at gmail.com
Fri Nov 23 00:30:04 UTC 2012
On 22 November 2012 19:13, lee <lee at yun.yagibdah.de> wrote:
> Ian Malone <ibmalone at gmail.com> writes:
>
>> Also the equivalent is not su, it's actually suid, which does rely on
>> the individual application to assume and drop privileges responsibly.
>
> In which way is relying on an application that uses polkit to do only
> what it is supposed to do better or different? I can see it being
'allowed to do'
> better forcing apps that are setuid root to request a password, yet they
> don't need to do that when they already have the permissions they're
> asking for.
>
Not how setuid works. If it did that it would be polkit.
> If I understand the desgin correctly, using polkit is voluntary for an
> application and it's up to the application to do whatever when it
> receives extended permissions. When the application already has
> extended permissions, it doesn't need to ask and can do whatever anyway.
>
Apparently you don't and are trying very hard not to.
--
imalone
http://ibmalone.blogspot.co.uk
More information about the users
mailing list