Bug#240843: "grubconf ~/grub.conf" should not require X-as-root
Luis R. Rodriguez
mcgrof@ruslug.rutgers.edu (Luis R. Rodriguez), 240843@bugs.debian.org
Wed, 5 May 2004 01:37:51 -0400
--mvpLiMfbWzRoNl4x
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Use `sudo grubconf` for now. If this is fixed it should most certainly
be fixed on the upstream.
Luis
On Mon, Mar 29, 2004 at 04:25:00PM +0100, Justin B Rye wrote:
> Package: grubconf
> Version: 0.5-1
> Severity: wishlist
>=20
> Running as root where this is avoidable is generally considered a
> bad idea - especially for X clients, which exchange authentication
> tokens with the X server (a snooping opportunity).
>=20
> Given that grubconf can be used to edit a user-writable grub
> configuration file without a boot partition even being mounted, it
> seems a pity that it should insist so absolutely on executing under
> a privileged uid.=20
>=20
> Using "fakeroot /usr/sbin/grubconf grub.conf" _almost_ works, but
> even with group-access tweaks for /root/.gnome2/ it crashes on exit,
> truncating the grub.conf to zero length (annoying, but no worse than
> this sort of behaviour deserves).
>=20
> -- System Information:
> Debian Release: testing/unstable
> APT prefers testing
> APT policy: (500, 'testing'), (50, 'unstable')
> Architecture: i386 (i586)
> Kernel: Linux 2.6.4
> Locale: LANG=3Den_GB, LC_CTYPE=3Den_GB
>=20
> Versions of packages grubconf depends on:
> ii grub 0.93+cvs20031021-8 GRand Unified Bootloader
> ii libart-2.0-2 2.3.16-1 Library of functions for 2D =
graphi
> ii libatk1.0-0 1.4.1-1 The ATK accessibility toolkit
> ii libaudiofile0 0.2.6-3 Open-source version of SGI's=
audio
> ii libbonobo2-0 2.4.3-1 Bonobo CORBA interfaces libr=
ary
> ii libbonoboui2-0 2.4.3-2 The Bonobo UI library
> ii libc6 2.3.2.ds1-11 GNU C Library: Shared librar=
ies an
> ii libesd0 0.2.29-1 Enlightened Sound Daemon - S=
hared=20
> ii libgconf2-4 2.4.0.1-4 GNOME configuration database=
syste
> ii libgcrypt1 1.1.12-4 LGPL Crypto library - runtim=
e libr
> ii libglib2.0-0 2.2.3-1 The GLib library of C routin=
es
> ii libgnome2-0 2.4.0-4 The GNOME 2 library - runtim=
e file
> ii libgnomecanvas2-0 2.4.0-1 A powerful object-oriented d=
isplay
> ii libgnomeui-0 2.4.0.1-5 The GNOME 2 libraries (User =
Interf
> ii libgnomevfs2-0 2.4.1-5 The GNOME virtual file-syste=
m libr
> ii libgnomevfs2-common 2.4.1-5 The GNOME virtual file-syste=
m libr
> ii libgnutls7 0.8.12-5 GNU TLS library - runtime li=
brary
> ii libgtk2.0-0 2.2.4-3 The GTK+ graphical user inte=
rface=20
> ii libice6 4.3.0-7 Inter-Client Exchange library
> ii libjpeg62 6b-9 The Independent JPEG Group's=
JPEG=20
> ii liborbit2 1:2.8.3-2 libraries for ORBit2 - a COR=
BA ORB
> ii libpango1.0-0 1.2.5-2.1 Layout and rendering of inte=
rnatio
> ii libpopt0 1.7-4 lib for parsing cmdline para=
meters
> ii libsm6 4.3.0-7 X Window System Session Mana=
gement
> ii libtasn1-0 0.1.2-1 Manage ASN.1 structures (run=
time)
> ii libx11-6 4.3.0-7 X Window System protocol cli=
ent li
> ii libxml2 2.6.7-1 GNOME XML library
> ii xlibs 4.3.0-7 X Window System client libra=
ries m
> ii zlib1g 1:1.2.1-5 compression library - runtime
>=20
> -- no debconf information
> --=20
> JBR
> Ankh kak! (Ancient Egyptian blessing)
--=20
GnuPG Key fingerprint =3D 113F B290 C6D2 0251 4D84 A34A 6ADD 4937 E20A 525E
--mvpLiMfbWzRoNl4x
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAmH2vat1JN+IKUl4RAgYoAJ0Uq5tcOgc+54VLC8eDpIZ7DuvufQCgkSi7
7DnF4bTGOf4NberfEkqpL80=
=Ll+q
-----END PGP SIGNATURE-----
--mvpLiMfbWzRoNl4x--