[sudo-users] Fwd: Re: Using sudo from a GUI app (getting a persistent ticket)
Alec Leamas
leamas.alec at gmail.com
Sat Sep 28 08:11:17 MDT 2013
On 09/27/2013 07:26 PM, Kevin Chadwick wrote:
>> There are walk-arounds: disabling tty_tickets (security aspects...) or
>> starting from a terminal (clumsy). This is wat I do today.
> Todd gave a proper answer however I just thought I'd throw in atleast
> until the new version is out. Why not use NOPASSWD as I would guess you
> may as well if you are enabling for 5 minutes, though tty tickets etc.
> is a slight increase in security it's not a great deal and NOPASSWD with
> timestamp_timeout=0 may in fact offer more security?
>
> Obviously I don't know the details and you may have considered all this
> so please don't be offended if so.
>
> I'm glad you are using sudo for this task when so many encourage users
> to run whole gui programs and don't drop priviledges either.
>
I got the C wrapper working. As it turns out, it's enough to attach
stdout to the pty slave. . I havn't the faintest idea where stderr goes,
but sudo seems happy.
It's ~ 100 lines of C code, most of which copied from an old utility I
made some years ago. Not to bad IMHO. Thanks again for all help!
--alec
PS: if there is any interest in that code, just let me know. It's
public, for sure.
More information about the sudo-users
mailing list