From: James Carthew
Subject: Re: Secure privilege escalation
Date: Mon, 3 Feb 2025 22:30:52 +1030
Hi,
Ethan C wrote:
> I would recommend that if you don't use polkit and you don't use a
> setuid binary, that you use sudo. sudo accepts the `-A` flag or the
> `SUDO_ASKPASS` environment variable to specify a graphical program to
> tell sudo the password; examples of programs that do this are
> `ssh-askpass` <https://packages.debian.org/unstable/ssh-askpass>,
> `gnome-ssh-askpass`
> <https://packages.debian.org/sid/ssh-askpass-gnome>, `ksshaskpass`
> <https://invent.kde.org/plasma/ksshaskpass>, and
> `lxqt-openssh-askpass` <https://github.com/lxqt/lxqt-openssh-askpass>.
> If you don't want to write an askpass binary using GNUstep-GUI, I'd
> recommend that you depend on `gnome-ssh-askpass` since almost all
> graphical users will have Gtk installed and have a desktop environment
> which properly handles Gtk applications (the desktop environments
> normally do /not/ set `SUDO_ASKPASS` or `SSH_ASKPASS`; you'll need to
> set it yourself when you call `sudo`).
Aha, thanks for the info: I must look into that. Providing a GSAskPass
then is what I need in GAP!
I will start playing using another ask pass and then switch over perhaps.
Riccardo
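
The `sudo -A` / `SUDO_ASKPASS` usage described in the quoted message, as an added shell sketch that is not part of the original thread or of GAP. The helper names are the ones listed in the message; the search directories and the function names `find_askpass` and `run_elevated` are assumptions made for this example.

```shell
#!/bin/sh
# Added example: choose an askpass helper and run a command via `sudo -A`.

# Helper names taken from the message above.
ASKPASS_NAMES="gnome-ssh-askpass ksshaskpass lxqt-openssh-askpass ssh-askpass"
# Assumed install locations; adjust for the distribution in use.
ASKPASS_DIRS="${ASKPASS_DIRS:-/usr/lib/openssh /usr/libexec/openssh /usr/bin}"

# Print the absolute path of the first acceptable helper, or return 1.
find_askpass() {
    for name in $ASKPASS_NAMES; do
        for dir in $ASKPASS_DIRS; do
            # Absolute directories only, so the working directory cannot
            # influence which program receives the password prompt.
            case "$dir" in /*) ;; *) continue ;; esac
            candidate="$dir/$name"
            [ -f "$candidate" ] && [ -x "$candidate" ] || continue
            # The helper sees the user's password: skip any file that is
            # writable by group or others (-L follows symlinks).
            case "$(ls -ldL "$candidate")" in
                ?????w*|????????w*) continue ;;
            esac
            printf '%s\n' "$candidate"
            return 0
        done
    done
    return 1
}

# Run "$@" as root, letting sudo obtain the password from the helper.
run_elevated() {
    helper=$(find_askpass) || {
        echo "no usable askpass helper found" >&2
        return 1
    }
    # Desktop environments normally do not set SUDO_ASKPASS, so it is set
    # here for this one invocation only; -A tells sudo to use it.
    SUDO_ASKPASS="$helper" sudo -A -- "$@"
}

# Stand-alone use: sh this-script --run <command> [args...]
if [ "${1:-}" = "--run" ]; then
    shift
    run_elevated "$@"
fi
```
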