[sudo-workers] Sudo and gnome-menus
manu.cornet at gmail.com
Tue Jul 26 16:52:32 EDT 2005
I am new to this list, and I am aware that sending a message so fast is
against a lot of "Netiquette" rules. However, I am part of a summer
program (Google's "Summer of Code") for open source coding, which ends
on September 1st : that's why I need to be moving quite fast :o) I hope
I don't get it all wrong.
The problem is : in the GNOME menus, I would like to hide menu entries
that require administrator authorizations (eg "Synaptic", a front-end
for apt) from non-sudoers.
I have already set a temporary solution, but only for a precise Linux
distribution (Ubuntu). Since the user could very well be able to run
some admin program (like Synaptic) and not another (like starting
apache), I need to rely on sudo. Another detail : obviously, I can't ask
the user to input his password again, while the menus are being built...
So here's my question : would it be possible to add an option to sudo
(for example : -t or --test) to check whether the user can or cannot run
a particular command, without giving his password ?
It could look like :
>sudo --test /usr/sbin/synaptic
sudo test : user is allowed to run synaptic
>sudo --test /usr/sbin/adduser
sudo test : user is NOT allowed to run adduser
(returning something != 0)
Has this question already been discussed ? Would any part of it be
considered a security hole ? Would it be difficult to code ? Of course,
I am willing to work on this myself if you agree with the idea (but I
will probably need a little help).
Thank you for your answers !
More information about the sudo-workers