ksmarttray and updates
Christoph Thiel
cthiel at suse.de
Mon Aug 14 10:27:04 PDT 2006
On Mon, 14 Aug 2006, Christoph Thiel wrote:
> > a) Make smart-update 4755;
> >
> > b) Remove X-KDE-SubstituteUID from ksmarttray.desktop so it doesn't
> > ask for the root password on each startup;
> >
> > c) Maybe move smart-update into the ksmarttray RPM to make sure that
> > it's installed only on those systems where it's actually used.
> > smart-update doesn't seem to be used by anything else than
> > ksmarttray.
>
> I'd like smart-update to stay in the main rpm.
>
>
> > That's the way it is intended to be (as far as I know) and, assuming
> > that smart-update is safe for 4755, it could be even more secure than
> > the current solution because the user would no longer be tempted to
> > run ksmarttray itself as root.
> >
> > You or someone else can always request that at bugzilla.novell.com,
> > the worst thing that can happen is that it's rejected.
>
> Right ;) I'm taking this to our security team right now. Stay tuned.
Our security team doesn't like the idea of introducing setuid for
smart-update. From their point of view, smart is designed to be run as
root. So we will have to stick with the current situation.
Regards
Christoph
More information about the Smart
mailing list