PureBasic Forums - English

Posted: **Fri Jul 16, 2010 6:15 am**

I'm trying to write a "control panel" app for Ubuntu, kinda like the one that WinXP has, but of course better. The idea is to have it accept "plugins" as .so files, to add more options. So all the settings can be found in one place and more functionality can be added later ... but anyways, I've come up with this code to make sure the program is running in su mode.

Code: Select all

a.s = ProgramParameter(0)
;display ProgramParameter(0) so I can see what instance this is.
MessageRequester("?", ProgramParameter(0))
If FindString(a.s, "suMode", 0) = 0
    MessageRequester("?", "Should be prompting for a password:")
    ;run myself in su mode
    RunProgram("gksu", ProgramFilename() + " suMode", "")
    End
EndIf

;try something I can't do normally:
su = ExamineDirectory(#PB_Any, "/lost+found", "*.*")
    If Not su
        MessageRequester("!", "NO")
        ;RunProgram("gksu", ProgramFilename(), "")
        End
    EndIf
    
    ;If we are beyond this point, we are in super user mode.
    MessageRequester("!", "YES")

While testing and playing around with the code, I've noticed that when I open a terminal (or use nautilus) and run the compiled binary, I only have to type my password once. Then I can run it again and again without it prompting me for the password. "It" does it for me. I also made a couple different binaries with different file names and what I found was: I only have to enter my password once for one binary only, then any time the gksu bit is supposed to prompt me for the password, it does it for me, without me knowing I was even being asked for the password. Scary huh? Is there something I have to do to release "su" mode or something so it can be more secure?

Posted: **Fri Jul 16, 2010 6:52 pm**

There are several things I want to say

:

1. Isn't the gnome-control-center what you try to
program yourself?

2. You can test for su rights with getuid_()=0

3. About the time-out for sudo, the manpage says:

Once a user has been authenticated, a timestamp is
updated and the user may then use sudo without a password for a short
period of time (15 minutes unless overridden in sudoers).

This is very convenient if you want to run several commands
as root one after another. This as the consequence that, as
you noticed, one should not just use the super user rights
carelessly. There are at least two ways I would prefer for this
kind of program:
1. Ask for su rights only when needed, that is only for plugins
that really require it.
2. There is a newer and "better" way to do this using PolicyKit:
http://en.wikipedia.org/wiki/PolicyKit
It is definitely the preferred way of doing this kind of things
in current linux distros like Ubuntu.

But I do not really have an answer to your original question

I only know of the possibility to change this time-out system
wide as a system configuration.

greetz
remi

Posted: **Sat Jul 17, 2010 1:21 am**

1. Isn't the gnome-control-center what you try to
program yourself?

Yes, and No. Nowhere in there can a setting be found for things like, don't show mounted disks on the desktop, changing the font and color of the clock, etc.. Even though these settings can be changed in files. Also, I think I'd like it better if the options were in the same window instead of opening another window.

Guess I'll have to read up on the PolicyKit.

Posted: **Sat Jul 17, 2010 3:08 am**

If the sudo timestamp is the reason, calling "sudo -k" should reset that.

PureBasic Forums - English

release super user mode?

release super user mode?

Re: release super user mode?

Re: release super user mode?

Re: release super user mode?