Gufw

gufw's handling of sudo

Asked by Bryan Moore

i don't think this is described anywhere else and this may be a feature-request, but how does gufw handle sudo; meaning, to launch it requires root privileges, but shouldn't it only require root to make changes? basically, gufw should launch as the user and only when changes are made require a root password... yes?

Question information

Language:
English Edit question
Status:
Solved
For:
Gufw Edit question
Assignee:
No assignee Edit question
Solved by:
Bryan Moore
Solved:
Last query:
Last reply:
Revision history for this message
Vadim Peretokin (vperetokin) said : 		#1

Gufw needs root privs to read data from from ufw to begin with (try doing "ufw status" without root).

The other, and way more complicated way is to make a separate daemon that runs as root and allows gufw to be able to read values without root, but ask for password when changing. However only to delay asking for password will take quite a lot of work.

So unless someone makes a patch, it's not all too useful.

Revision history for this message
Bryan Moore (moore-bryan) said : 		#2

hmm... seems like a strange way to go about it for ubuntu. in my experience, programs such as gufw run as a user and require root password only to make changes; however, i understand the need for sudo to even read ufw status. does that really make sense, though?

Revision history for this message
Vadim Peretokin (vperetokin) said : 		#3

Eh, it doesn't matter that much. Synaptic asks for password at start too.

Better practice is to ask only when needed, that is true - but in our case, we need it right away...