1 |
On 2018-11-05 21:40, Dale wrote: |
2 |
> Philip Webb wrote: |
3 |
>> 181105 Dale wrote: |
4 |
>>> Currently I'm using Krusader. It works as root, |
5 |
>>> so I can edit files in /etc, /root and such. |
6 |
>> I can recommend Krusader to any KDE user. |
7 |
>> I do most file management from CLI, but sometimes need heavy lifting. |
8 |
>> If anyone tries it, they should look into its many features : |
9 |
>> there's a PDF help doc available. |
10 |
>> |
11 |
> |
12 |
> |
13 |
> That's my thinking as well. It is different from Konqueror but it does |
14 |
> the job pretty well and seems to be pretty light and fast. The biggest |
15 |
> thing, it allows running as root. |
16 |
> |
17 |
> I've been really busy recently. My Mom was in the hospital for several |
18 |
> weeks, that's a long time here. After that, she was in a nursing home |
19 |
> trying to get her strength back and had a few set backs while there. |
20 |
> She comes home tomorrow and is in better shape than she was over a year |
21 |
> ago. Maybe even a couple years ago. That has kept me busy and pretty |
22 |
> much wore out at times. I have health issues of my own. So, I haven't |
23 |
> been able to really dig deep into Krusader as yet. Basically, I got it |
24 |
> to where I can edit files in /etc and /root and pretty much left it as |
25 |
> is. The one thing I'd like to change, being able to click/double click |
26 |
> on a file and it open. That's how Dolphin and the old Konqueror was |
27 |
> set |
28 |
> up. As it is, you have to hit F4 to edit which opens Kwrite/Kate |
29 |
> depending on settings for text files. I also wish it wouldn't separate |
30 |
> the file name and the extension. I prefer them to be together. Heck, |
31 |
> I |
32 |
> might use Krusader as a regular user if I could get that last one |
33 |
> configured right. ;-) |
34 |
> |
35 |
> I really do need to research that more. Do you have a link to that |
36 |
> pdf? I'm on version 2.7.1. but any recent version would be nice. |
37 |
> |
38 |
> Thanks. |
39 |
> |
40 |
> Dale |
41 |
> |
42 |
> :-) :-) |
43 |
|
44 |
I've been reading through this discussion and seen several references to |
45 |
"run as root". As I've been guilty of doing that myself for a while (and |
46 |
not realizing it was actually actively prevented since some time), I |
47 |
decided to look into the reasoning why it's not possible anymore. |
48 |
|
49 |
Apparently, it wasn't taken lightheartedly. The reasoning behind it was |
50 |
that the terminal (which also has root now) can be activated and used by |
51 |
injecting keystrokes (through XTest). Whether that's a concern of the |
52 |
end user is up for them to decide (if you don't allow any external party |
53 |
to access your system by not allowing ssh etc. you'd basically be |
54 |
perfectly safe), but it's an interesting backdoor. However, KDE also |
55 |
planned to bring in a more fine-grained approach by allowing KIO to use |
56 |
PolicyKit to allow editing of restricted files. This would mean that |
57 |
Dolphin, KWrite and Kate all get their "root" back, but in the form of a |
58 |
"you require elevated rights to do this, please specify your password" |
59 |
which can be protected better. |
60 |
|
61 |
Then again, this raises the issue of whether PolicyKit is such a great |
62 |
feature. I've been having problems with that myself as it can and will |
63 |
be DoS'd when it gets too many requests (had a rogue libvirt client |
64 |
which did several requests all of which needed to go through PolicyKit |
65 |
to verify access). While the failure mode is safe, it will block any |
66 |
attempt at authorizing, it's a big nuisance because other things may |
67 |
depend on it. |
68 |
|
69 |
Lastly, Qt also advises against being used under root due to the sheer |
70 |
scope of the project which would mean that even krusader might not be |
71 |
totally safe. |
72 |
|
73 |
I wanted to share this for those that read this discussion to reiterate |
74 |
the implications allowing root, and allowing it in these GUI |
75 |
applications. Of course, if it works for you and you don't see any risk, |
76 |
by any means go for it. But also keep in mind that there are apparently |
77 |
fair reasons behind this change. That said, I also started to look into |
78 |
krusader and I might use it more. |
79 |
|
80 |
Greetings, |
81 |
|
82 |
Daniel Sonck |