ksmarttray and updates
Stephen Boddy
stephen.boddy at btinternet.com
Mon Aug 14 12:18:41 PDT 2006
On Monday 14 August 2006 18:27, Christoph Thiel wrote:
> On Mon, 14 Aug 2006, Christoph Thiel wrote:
> > > a) Make smart-update 4755;
> > >
> > > b) Remove X-KDE-SubstituteUID from ksmarttray.desktop so it doesn't
> > > ask for the root password on each startup;
> > >
> > > c) Maybe move smart-update into the ksmarttray RPM to make sure that
> > > it's installed only on those systems where it's actually used.
> > > smart-update doesn't seem to be used by anything else than
> > > ksmarttray.
> >
> > I'd like smart-update to stay in the main rpm.
> >
> > > That's the way it is intended to be (as far as I know) and, assuming
> > > that smart-update is safe for 4755, it could be even more secure than
> > > the current solution because the user would no longer be tempted to
> > > run ksmarttray itself as root.
> > >
> > > You or someone else can always request that at bugzilla.novell.com,
> > > the worst thing that can happen is that it's rejected.
> >
> > Right ;) I'm taking this to our security team right now. Stay tuned.
>
> Our security team doesn't like the idea of introducing setuid for
> smart-update. From their point of view, smart is designed to be run as
> root. So we will have to stick with the current situation.
I must say that I disagree with their point of view. Yes, *smart* is designed
to be run as root. However, for me, *ksmarttray* is there to inform a normal
user (me) who's responsible for the the machine, that there are updates
available. AFAICT only ksmarttray uses smart-update, and having smart-update
setuid allows ksmart-tray to determine that there are updates. The only thing
smart-update is able to do when setuid is to update the channels with what is
available. It's not even strictly a part of smart proper, as it is in
contribs. This capability is no different to yast-watcher/software-updater. I
believe yast-watcher used an alternate directory for downloading information
on updates, then YOU had to repeat when run as root. Software-updater didn't
last long enough for me to ever understand how that tangled web of
incomprehensibility hung together, suffice to say it seemed even less
restrictive than this smart arrangement. I've previously stated my dislike of
a normal user being authorized to update a system, with no future
authorization, as the new zen appears to do.
Having said all that; frankly Christoph, I would have been stunned if they had
done so. It is not in the corporate interest to promote, and ease the use of,
a competing package management system.
Thanks very much for asking though. Guess I have to figure out if there is a
way to customise the permissions stuff to set up smart-update as setuid
automatically, so updates don't cause breakage.
--
Steve Boddy
More information about the Smart
mailing list