[sudo-workers] [Patch] Ability to communicate to a frontend
Hongli Lai
h.lai at chello.nl
Wed Jan 12 16:49:28 EST 2005
Various people have tried to write graphical frontends for sudo. But
right now, creating a good frontend is not easy, if possible at all.
sudo writes it's current state to the terminal, and reads the password
from the terminal/stdin. Because of this, there's no way to tell whether
authentication succeeded, until the child process exits or until it
prints output. It's impossible for frontends to only check whether
authentication succeeded, and then leave the child process alone.
It's also impossible to setup a pipe communication with the child
process, because you don't know whether sudo will ask the password.
Here's a patch which allows sudo to send it's state information to
different a file descriptor, and to read the password from a different
file descriptor.
The frontend calls pipe(). Let's say pipe() returns 4 and 5 as file
descriptors. The frontend runs:
sudo -f 4 5 xterm
sudo will print it's state information (password required,
authentication succeeded/failed, errors, etc.) to file descriptor 4, and
will read the password from file descriptor 5.
I think this patch is crucial for properly implementing graphical
frontends. Please comment on the patch.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: sudo-patch
URL: </pipermail/sudo-workers/attachments/20050112/b9f1a32e/attachment.ksh>
More information about the sudo-workers
mailing list