Re: Improving gksu: lib, server, basic client

[Allan Douglas]

> Hau!
!io
 
> > We really need a daemon?
> 
> Well, no, we need a way to keep the authorization for a small amount
> of time. What do you propose?

The problem is: keeping the plain password somewhere is a very bad thing, a 
great security hole...
Anyone can write a fake client and get the _plain password_. What 
program/daemon/lib offers this "feature"?
See sudo, it keeps the authorization for 15 minutes. But, it doesn't keep the 
password, it makes a timestamp in /var/run/sudo and check if it is updated, if 
yes, sudo runs the command without prompting the user.
Gksu can't do this. It is a frontend to su, and su doesn't keep the 
authorization.

What we can do?
- Make Gksu a real su-like program, not only a frontend. (very bad idea, 
reinventar a roda...)
- The daemon can open a "session" (calling su without the -c option) with su, 
so we can execute many commands without prompting the user every time.
- Just don't keep the authentication.
- Your idea here

If we, after considering all the possibilities, decide to keep the password, 
the better is to create a file in a temp dir, with permission 0400, and then 
storing the password into it. Much more simple and secure than a daemon.

> > Will be possible to utilize the lib without executing the daemon?
> 
> Well, I believe we can have that as an option, yes, what do you think?

Good...

> > We really need a daemon? And the KISS principle...?
> 
> I even believe that a daemon could help us achieve KISS, given our
> goals.

I think i'll never understand that KISS...

[]'s