https://bugzilla.novell.com/show_bug.cgi?id=637215 https://bugzilla.novell.com/show_bug.cgi?id=637215#c17 --- Comment #17 from Vincent Untz <vuntz@novell.com> 2010-09-08 12:23:13 UTC --- (In reply to comment #16)
You say "that running X as root and having paranoid PERMISSION_SECURITY is weird: you should never run a desktop session as root". However, with paranoid PERMISSION_SECURITY, the only way that you CAN run X is as root.
And therefore I wouldn't use X in paranoid mode.
I have an application server that, unfortunately, requires a gui for some of its configuration. Normally, no one is logged into the system. I chose permissions.paranoid for the reduced attack exposure. When I need to make configuration changes, I start X. If you have suggestions for an alternative setup, I would appreciate your input.
I don't have any good suggestion here, unfortunately. I would probably change the mode from paranoid to secure while I have ti run the config tool, but that's just me.
If permissions.paranoid was not intended to be used without modification, please rename it to permissions.paranoid.template, or permissions.paranoid.example; and please edit the comments.
You might want to file a different bug for this -- this is not for the GNOME team.
Regardless of how the permissions got changed - either through PERMISSION_SECURITY or manually - gnomesu should fail a little less obtusely. I have had this problem for a number of months, and it was not obvious that it was really a permissions issue.
Yes, we agree on that :-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.