Web lists-archives.com

Re: [kde-linux] KDESU again




James Tyrer posted on Wed, 21 Dec 2011 15:36:40 -0700 as excerpted:

> Some time ago, I posted:
> 
> "When I run KDESU from a Konsole, I get this message:
> 
> startApp: Daemon not safe (not sgid), not using it
> 
> Is there some file that needs the permissions changed?"
> 
> It was posted to LFS that it is: "kdesud" that needs the permissions
> changed -- SGID set.
> 
> Also note that for security reasons that the group should be changed
> from "root" to "nobody".

FWIW, I can confirm here on gentoo, /usr/lib64/kde4/libexec/kdesud is 
part of the kdesu package (4.7.90 installed), and that it's setGID, owner 
root, group "nogroup" (probably "nobody" on LFS).

I don't see any special set* treatment in the ebuild, so it would appear 
to be set by the build process from upstream (kde).

But my normal/kde user is locked out of things like su, and thus kdesu, 
so I can't confirm whether it actually works or not.

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman

___________________________________________________
This message is from the kde-linux mailing list.
Account management:  https://mail.kde.org/mailman/listinfo/kde-linux.
Archives: http://lists.kde.org/.
More info: http://www.kde.org/faq.html.