ksmarttray and updates

Stephen Boddy stephen.boddy at btinternet.com
Mon Aug 14 12:18:41 PDT 2006 

On Monday 14 August 2006 18:27, Christoph Thiel wrote:
> On Mon, 14 Aug 2006, Christoph Thiel wrote:
> > > a) Make smart-update 4755;
> > >
> > > b) Remove X-KDE-SubstituteUID from ksmarttray.desktop so it doesn't
> > >    ask for the root password on each startup;
> > >
> > > c) Maybe move smart-update into the ksmarttray RPM to make sure that
> > >    it's installed only on those systems where it's actually used.
> > >    smart-update doesn't seem to be used by anything else than
> > >    ksmarttray.
> >
> > I'd like smart-update to stay in the main rpm.
> >
> > > That's the way it is intended to be (as far as I know) and, assuming
> > > that smart-update is safe for 4755, it could be even more secure than
> > > the current solution because the user would no longer be tempted to
> > > run ksmarttray itself as root.
> > >
> > > You or someone else can always request that at bugzilla.novell.com,
> > > the worst thing that can happen is that it's rejected.
> >
> > Right ;) I'm taking this to our security team right now. Stay tuned.
>
> Our security team doesn't like the idea of introducing setuid for
> smart-update. From their point of view, smart is designed to be run as
> root. So we will have to stick with the current situation.

I must say that I disagree with their point of view. Yes, *smart* is designed 
to be run as root. However, for me, *ksmarttray* is there to inform a normal 
user (me) who's responsible for the the machine, that there are updates 
available. AFAICT only ksmarttray uses smart-update, and having smart-update 
setuid allows ksmart-tray to determine that there are updates. The only thing 
smart-update is able to do when setuid is to update the channels with what is 
available. It's not even strictly a part of smart proper, as it is in 
contribs. This capability is no different to yast-watcher/software-updater. I 
believe yast-watcher used an alternate directory for downloading information 
on updates, then YOU had to repeat when run as root. Software-updater didn't 
last long enough for me to ever understand how that tangled web of 
incomprehensibility hung together, suffice to say it seemed even less 
restrictive than this smart arrangement. I've previously stated my dislike of 
a normal user being authorized to update a system, with no future 
authorization, as the new zen appears to do.

Having said all that; frankly Christoph, I would have been stunned if they had 
done so. It is not in the corporate interest to promote, and ease the use of, 
a competing package management system.

Thanks very much for asking though. Guess I have to figure out if there is a 
way to customise the permissions stuff to set up smart-update as setuid 
automatically, so updates don't cause breakage.
-- 
Steve Boddy

More information about the Smart mailing list