this post was submitted on 15 Apr 2024
89 points (86.8% liked)
Linux
48364 readers
1314 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You don't need to run any GUI programs as root.
Now this is actually wrong. Firewall gui for example requires root. There are similar sysadmin guis that need it too
Sysadmin GUI tools are designed to be secure by isolating GUI from privileged process. That is not true for a random GUI app.
No. It's ”you probably shouldn't run them with sudo” , many GUIs need root for certain tasks. I recommend using
pkexec
instead of sudo, you can add it to the .desktop file and when you launch the application it'll give you a GUI authentication prompt.Probably? They won't run with
sudo
normally (in xorg at least). And only those explicitly allowed to be run withpkexec
by maintainers will do. Of course it is possible to evade this restriction, but you definitely should not.There's plenty of GUI applications that'll run just fine with sudo. For example BleachBit.
The commonality between these applications is when they were written, what (outdated) toolkit they use, etc.
Sudo is just not made for use with GUI and can possibly lead to bad behavior.
pkexec
leverages PAM & Polkit and is intended for GUIs.It's not when app was written. Wayland apps probably work with sudo, x11 don't because sudo does not pass the
$DISPLAY
environment variable. It's a correct behavior of sudo because running x11 apps with root permission you create a security hole.sudo -E
I know. Don't do this. Read the manual.
Polkit was created in 2009 & PAM was created in 1995. GNU dates back to 1984, so... There's still quite a handful of programs that are likely still maintained to this day that don't properly take advantage of them or other auth systems made to be able to handle GUIs in a secure fashion. BleachBit being released in 2008, predates Polkit and afaik, bleachbit doesn't leverage polkit by default, at least not on Arch.
Idk what is bleachbit. But I know that "auth systems" can't "handle GUIs in a secure fashion". The app itself can be secure or not. By default they are not secure if they provide a GUI running in privileged process.
gksu, kdesu, sux, & polkit. All of which are privilege elevation frameworks that can securely obtain the required privileges without running GUI applications directly as root. Granted you may need to configure PAM & Polkit's policies to make them more secure.
The problem with sudo is that it runs the entire GUI application as Root; at least by default behavior. These frameworks are the proper way.
BleachBit is a cross-platform disk space cleaner that was based on Python, PyGTK, & GTK2 and then later ported to Python 3 & GTK3. BleachBit on Linux never prompts the user for authentication for operations requiring elevated privileges, it just fails with "permission denied". Inturn you can use
sudo
, or the by far more recommended and safer optionsgksudo
/gksu
&pkexec
. In this case, a user can 100% make the mistake of using sudo, and while it's not inherently problematic for this specific case, as we've already discussed it's still risky.gksu
andkdesu
are unsupported for >10 years iirc, they were not more secure thansudo
and that's one of the reasons they were abandoned. I've never heard aboutsux
. Polkit is a bit another thing that indeed replaced them, however it does not and can not separate GUI and non-GUI processes. The process itself has to fork, drop privileges and draw a GUI after that. There's no difference between running it viasudo
orpkexec
, however polkit provide additional protections to prevent running unsafe apps with elevated privileges.PAM and GVFS are not "privilege elevation frameworks" whatever you mean by this.
I know.
No, they were, barely, but they were, they were wrappers around sudo that provided "a more user-friendly and secure way to run graphical applications with elevated privileges, by handling environment variables and permissions better than using sudo directly."
They've been deprecated in favor of
pkexec
.sux is wrapper around su which transfers your X credentials, it sucks, don't use it.
pkexec literally uses Polkit and PAM under the hood.
You're right, PAM is an authentication framework and GVFS is a whole other thing that leverages polkit and authentication agents. My bad.
Nope. Running GUI as root in the same X server as unprivileged apps is insecure because each of them can take control over privileged window. IDK if this issue has been addressed in Wayland, but anyway there are no wayland-only distros nowadays.
Now i question why the whole GUI needs to run as root (even in working default config) instead of just the tool running the command with root.
But not gparted.
There's one in every thread.
I have no idea what you are talking about. The answer to your question is: this is impossible and this is done for purpose. Don't try to work in linux like in windows.
Your attitude.
It's not attitude they are giving you. It's strong recommendation. It's the strong recommendation of the entire Linux community.
Sudo is different than run as admin and is not intended to be used to do things the way Windows does them.