For the one click install YaST module it is necessary to run the
module first as a limited user, to display the details about the
operation to be performed, and allow the user to customize it. The
installation operation itself must then be performed as root. This is
crucial to prevent malicious use of the feature to damage users'
At present I am achieving this by constructing a shell command to
execute another YaST module as root, to perform the actual
installation itself. This does work, but it has a number of problems,
* Using a shell command is potentially dangerous, I am stripping out
special shell characters first, but it is still not ideal.
* We cannot easily pass information back from the module running as
root to the original module to display status.
So my question to you is whether there is a better way to do privilege
escalation from within a YaST module, or a better way to do
inter-process communication between an instance of YaST running as a
regular user, and an instance running as root.
To unsubscribe, e-mail: yast-devel+unsubscribe(a)opensuse.org
For additional commands, e-mail: yast-devel+help(a)opensuse.org
Show replies by date