Re: [Discuss-gnuradio] out-of-tree module without root privileges

[Sylvain Munaut]

Hi,


>> Once you authorize someone to use sudo, he _is_root for all intents
>> and purposes, you realize that right ?
>
> In general that's not true, you can just allow some specific
> commands via sudo.

True, but "allow specific commands" is _really_ hard if you don't
understand _everything_ about those commands and what they can do.


> Assuming the install operation requires a fixed set of commands,
> you could
> - make a script 'install_oot' doing exactly what is required,

Unless you want to target _one_ specific OOT, that's going to be hard
... unless you authorize the 'install' binary used in the 'make
install' step, but at that point you've essentially allowed root
access since the user can now replace arbitrary file on the system
with arbitrary permission, giving them root. And some OOT install
things like udev rules ... which are run as root, at which point
you've again given root to all users. The ways to get this wrong are
nearly endless here ...

Even if you somehow managed to avoid all those traps, the users would
still be able to install executable code in shared / system wide
directories of GR. At this point other users could me made to execute
arbitrary code by just running any GR app and if the admin normal user
is one of those users actually using GR, you've again given root ...
(or at the very least, given each user the ability to do anything as
any other user).


All in all, it's a terrible idea and it's better to have users be able
to install OOT in a private dir and instruct GR to go look there.


Cheers,

   Sylvain