Bug 1293431
Summary: | Feature request Run As Root in right-click menu | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | M_M <mikhail.rokhin> |
Component: | gnome-shell | Assignee: | Owen Taylor <otaylor> |
Status: | CLOSED WONTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 23 | CC: | fmuellner, otaylor |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-12-22 14:41:44 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
M_M
2015-12-21 18:27:02 UTC
(In reply to M_M from comment #0) > It's quite disturbing to launch terminal and sudo-ing from there. Fully-fledged GUI libraries like GTK+ or Qt (plus all their dependencies) are a huge attack vector, so running those with elevated privileges is disturbing[0]. We cannot force programs that require root privileges to use a saner approach like polkit, or users to not run graphical applications as root - however that does not mean that a convenient shoot-yourself-in-the-foot option is a good idea. [0] http://www.gtk.org/setuid.html (In reply to Florian Müllner from comment #1) > (In reply to M_M from comment #0) > > It's quite disturbing to launch terminal and sudo-ing from there. > > Fully-fledged GUI libraries like GTK+ or Qt (plus all their dependencies) > are a huge attack vector, so running those with elevated privileges is > disturbing[0]. We cannot force programs that require root privileges to use > a saner approach like polkit, or users to not run graphical applications as > root - however that does not mean that a convenient > shoot-yourself-in-the-foot option is a good idea. > > [0] http://www.gtk.org/setuid.html Whatever you call it - it is happening) A strange resistance to obvious... Should I, for e.g., turn off network to launch GParted or nautilus, or ... as root as they require to allow me on a regular basis management? The better way it seems to be - "Run As" model - there are approaches when app needs to be run under certain user when logged in as root. One may brake one's fingers typing&retyping root's pwd whilst sudoing during debug testing of *nix . There might be a compromise - as disabled by default but available option in Gnome preferences. |