diff options
Diffstat (limited to 'tde-i18n-en_GB/docs/kdebase/kdesu/index.docbook')
-rw-r--r-- | tde-i18n-en_GB/docs/kdebase/kdesu/index.docbook | 80 |
1 files changed, 40 insertions, 40 deletions
diff --git a/tde-i18n-en_GB/docs/kdebase/kdesu/index.docbook b/tde-i18n-en_GB/docs/kdebase/kdesu/index.docbook index 81c03aeb271..5f1d74613f8 100644 --- a/tde-i18n-en_GB/docs/kdebase/kdesu/index.docbook +++ b/tde-i18n-en_GB/docs/kdebase/kdesu/index.docbook @@ -1,8 +1,8 @@ <?xml version="1.0" ?> <!DOCTYPE book PUBLIC "-//KDE//DTD DocBook XML V4.2-Based Variant V1.1//EN" "dtd/kdex.dtd" [ - <!ENTITY kappname "&kdesu;"> - <!ENTITY package "kdebase"> + <!ENTITY kappname "&tdesu;"> + <!ENTITY package "tdebase"> <!ENTITY % addindex "IGNORE"> <!ENTITY % British-English "INCLUDE" > <!-- change language only here --> @@ -12,7 +12,7 @@ <bookinfo> <title ->The &kdesu; handbook</title> +>The &tdesu; handbook</title> <authorgroup> <author @@ -52,7 +52,7 @@ <abstract ><para ->&kdesu; is a graphical front end for the &UNIX; <command +>&tdesu; is a graphical front end for the &UNIX; <command >su</command > command.</para ></abstract> @@ -75,14 +75,14 @@ >Introduction</title> <para ->Welcome to &kdesu;! &kdesu; is a graphical front end for the &UNIX; <command +>Welcome to &tdesu;! &tdesu; is a graphical front end for the &UNIX; <command >su</command -> command for the K Desktop Environment. It allows you to run a program as different user by supplying the password for that user. &kdesu; is an unprivileged program; it uses the system's <command +> command for the K Desktop Environment. It allows you to run a program as different user by supplying the password for that user. &tdesu; is an unprivileged program; it uses the system's <command >su</command >.</para> <para ->&kdesu; has one additional feature: it can remember passwords for you. If you are using this feature, you only need to enter the password once for each command. See <xref linkend="sec-password-keeping"/> for more information on this and a security analysis.</para> +>&tdesu; has one additional feature: it can remember passwords for you. If you are using this feature, you only need to enter the password once for each command. See <xref linkend="sec-password-keeping"/> for more information on this and a security analysis.</para> <para >This program is meant to be started from the command line or from <filename @@ -93,16 +93,16 @@ </chapter> -<chapter id="using-kdesu"> +<chapter id="using-tdesu"> <title ->Using &kdesu;</title> +>Using &tdesu;</title> <para ->Usage of &kdesu; is easy. The syntax is like this:</para> +>Usage of &tdesu; is easy. The syntax is like this:</para> <cmdsynopsis ><command ->kdesu</command +>tdesu</command > <arg >USER</arg > <arg @@ -141,7 +141,7 @@ <cmdsynopsis ><command ->kdesu</command +>tdesu</command > <group > <arg >-v</arg @@ -167,7 +167,7 @@ ><para >This specifies the program to run as root. It has to be passed in one argument. So if, for example, you want to start a new file manager, you would enter at the prompt: <userinput ><command ->kdesu <option +>tdesu <option >-c <replaceable >kfm -sw</replaceable ></option @@ -185,11 +185,11 @@ ></term> <listitem ><para ->This option allow efficient use of &kdesu; in <filename +>This option allow efficient use of &tdesu; in <filename >.desktop</filename -> files. It tells &kdesu; to examine the file specified by <parameter +> files. It tells &tdesu; to examine the file specified by <parameter >FILE</parameter ->. If this file is writable by the current user, &kdesu; will execute the command as the current user. If it is not writable, the command is executed as user <parameter +>. If this file is writable by the current user, &tdesu; will execute the command as the current user. If it is not writable, the command is executed as user <parameter >USER</parameter > (defaults to root).</para> <para @@ -202,7 +202,7 @@ >, it is taken as an absolute filename. Otherwise, it is taken as the name of a global &kde; configuration file. For example: to configure the K display manager, <application >kdm</application >, you could issue <command ->kdesu <option +>tdesu <option >-c kdmconfig -f kdmrc</option ></command ></para @@ -283,7 +283,7 @@ ></term> <listitem ><para ->Stop the kdesu daemon. See <xref linkend="sec-password-keeping"/>.</para +>Stop the tdesu daemon. See <xref linkend="sec-password-keeping"/>.</para ></listitem> </varlistentry> </variablelist> @@ -295,8 +295,8 @@ >Configuration</title> <para ->&kdesu; comes with a control module named <application ->kcmkdesu</application +>&tdesu; comes with a control module named <application +>kcmtdesu</application >. You can find it in the <guimenu >K</guimenu > menu under <menuchoice @@ -327,7 +327,7 @@ ></term> <listitem ><para ->You can instruct &kdesu; remember passwords you enter by checking the <guilabel +>You can instruct &tdesu; remember passwords you enter by checking the <guilabel >keep password</guilabel > check box. If this checked, you can enter a timeout value in the text field below it. This is the amount of time, in minutes, that the password will be remembered. The default is not to remember passwords.</para ></listitem> @@ -345,12 +345,12 @@ >X authentication</title> <para ->The program you execute will run under the root user id and will generally have no authority to access your X display. &kdesu; gets around this by adding an authentication cookie for your display to a temporary <filename +>The program you execute will run under the root user id and will generally have no authority to access your X display. &tdesu; gets around this by adding an authentication cookie for your display to a temporary <filename >.Xauthority</filename > file. After the command exits, this file is removed. </para> <para ->If you don't use X cookies, you are on your own. &kdesu; will detect this and will not add a cookie but you will have to make sure that root is allowed to access to your display.</para> +>If you don't use X cookies, you are on your own. &tdesu; will detect this and will not add a cookie but you will have to make sure that root is allowed to access to your display.</para> </sect1> @@ -361,21 +361,21 @@ ></title> <para ->&kdesu; uses the sytem's <command +>&tdesu; uses the sytem's <command >su</command -> for acquiring priviliges. In this section, I explain the details of how &kdesu; does this. </para> +> for acquiring priviliges. In this section, I explain the details of how &tdesu; does this. </para> <para >Because some <command >su</command > implementations (&ie; the one from &RedHat;) don't want to read the password from <literal >stdin</literal ->, &kdesu; creates a pty/tty pair and executes <command +>, &tdesu; creates a pty/tty pair and executes <command >su</command > with it's standard filedescriptors connected to the tty.</para> <para ->To execute the command the user selected, rather than an interactive shell, &kdesu; uses the <option +>To execute the command the user selected, rather than an interactive shell, &tdesu; uses the <option >-c</option > argument with <command >su</command @@ -394,9 +394,9 @@ <para >Instead of executing the user command directly with <command >su</command ->, &kdesu; executes a little stub program called <application ->kdesu_stub</application ->. This stub (running as the target user), requests some information from &kdesu; over the pty/tty channel (the stub's stdin and stdout) and then executes the user's program. The information passed over is: the X display, an X authentication cookie (if available), the <envar +>, &tdesu; executes a little stub program called <application +>tdesu_stub</application +>. This stub (running as the target user), requests some information from &tdesu; over the pty/tty channel (the stub's stdin and stdout) and then executes the user's program. The information passed over is: the X display, an X authentication cookie (if available), the <envar >PATH</envar > and the command to run. The reason why a stub program is used is that the X cookie is private information and therefore cannot be passed on the command line.</para> @@ -407,7 +407,7 @@ >Password Checking</title> <para ->&kdesu; will check the password you entered and gives an error message if it is not correct. The checking is done by executing a test program: <filename +>&tdesu; will check the password you entered and gives an error message if it is not correct. The checking is done by executing a test program: <filename >/bin/true</filename >. If this succeeds, the password is assumed to be correct.</para> @@ -418,28 +418,28 @@ >Password Keeping</title> <para ->For your comfort, &kdesu; implements a <quote +>For your comfort, &tdesu; implements a <quote >keep password</quote > feature. If you are interested in security, you should read this paragraph.</para> <para ->Allowing &kdesu; to remember passwords opens up a (small) security hole in your system. Obviously, &kdesu; does not allow anybody but your user id to use the passwords, but, if done without caution, this would lower <systemitem class="username" +>Allowing &tdesu; to remember passwords opens up a (small) security hole in your system. Obviously, &tdesu; does not allow anybody but your user id to use the passwords, but, if done without caution, this would lower <systemitem class="username" >root</systemitem >'s security level to that of a normal user (you). A hacker who breaks into your account, would get <systemitem class="username" >root</systemitem -> access. &kdesu; tries to prevent this. The security scheme it uses is, in my opinion at least, reasonably safe and is explained here.</para> +> access. &tdesu; tries to prevent this. The security scheme it uses is, in my opinion at least, reasonably safe and is explained here.</para> <para ->&kdesu; uses a daemon, called <application ->kdesud</application +>&tdesu; uses a daemon, called <application +>tdesud</application >. The daemon listens to a &UNIX; socket in <filename >/tmp</filename -> for commands. The mode of the socket is 0600 so that only your user id can connect to it. If password keeping is enabled, &kdesu; executes commands through this daemon. It writes the command and <systemitem class="username" +> for commands. The mode of the socket is 0600 so that only your user id can connect to it. If password keeping is enabled, &tdesu; executes commands through this daemon. It writes the command and <systemitem class="username" >root</systemitem >'s password to the socket and the daemon executes the command using <command >su</command >, as describe before. After this, the command and the password are not thrown away. Instead, they are kept for a specified amount of time. This is the timeout value from in the control module. If another request for the same command is coming within this time period, the client does not have to supply the password. To keep hackers who broke into your account from stealing passwords from the daemon (for example, by attaching a debugger), the daemon is installed set-group-id nogroup. This should prevent all normal users (including you) from getting passwords from the <application ->kdesud</application +>tdesud</application > process. Also, the daemon sets the <envar >DISPLAY</envar > environment variable to the value it had when it was started. The only thing a hacker can do is execute an application on your display.</para> @@ -460,13 +460,13 @@ >Author</title> <para ->&kdesu;</para> +>&tdesu;</para> <para >Copyright 2000 &Geert.Jansen;</para> <para ->&kdesu; is written by &Geert.Jansen;. It is somewhat based on Pietro Iglio's &kdesu;, version 0.3. Pietro and I agreed that I will maintain this program in the future.</para> +>&tdesu; is written by &Geert.Jansen;. It is somewhat based on Pietro Iglio's &tdesu;, version 0.3. Pietro and I agreed that I will maintain this program in the future.</para> <para >The author can be reached through email at &Geert.Jansen.mail;. Please report any bugs you find to me so that I can fix them. If you have a suggestion, feel free to contact me.</para> |