Forum: SuRun English speaking RSS
SuRun tutorial
tlu #1
Member since Mar 2008 · 45 posts
Group memberships: Mitglieder
Show profile · Link to this post
Subject: SuRun tutorial
Hello,

there is a nice SuRun tutorial in English on http://www.dedoimedo.com/computers/surun.html

Worth a look!

Greetings,

Thomas
Kay (Administrator) #2
User title: Weltverbesserer
Member since Nov 2007 · 1507 posts · Location: Magdeburg
Group memberships: Administratoren, Mitglieder
Show profile · Link to this post
Thanks for telling about the tutorial.

I just read it and think it is a good starting point for using SuRun.

Unfortunately Mrk seemed to misunderstand a few things:

Users must enter their password is very important. It's one of the basic foundations of the SUDO mechanism.

This is not necessarily correct as SuRun does not need any password nor store it anymore. SuRun just adds the privileges of the administrators group to the existing user token.
SuRun's ask for user password option just checks if the given password is correct and then it trashes the password by writing zeros to the password RAM location.
Also Malware cannot press the "OK"-Button, so it's pretty safe to just ask for OK without a password.

Mrk's recommended options for programs in the program list are of no use.
These options are SuRun defaults for all apps in the system.
An app in the program list should have at least one of both options not in the first place checked, else it is treated as every other app in the system.

I think that Mrk did not know that SuRun asks questions on a safe desktop and thus he recommends using passwords.
I fact using passwords makes SuRun theoretically less safe, as passwords are stored in RAM (for just a millisecond) and because SuRun calls LogonUser with that password. This API could be hooked by a password spy.
But as I wrote this is just theoretically! ;-)

Thats all about what's wrong.

I really appreciate Mrk for writing this tutorial! He did a great job.

This gives me some time for not writing the english manual ;-)
Mrkvonic #3
User title: Muchos Geekos
Member since Dec 2008 · 1 post · Location: Ring 0
Group memberships: Mitglieder
Show profile · Link to this post
Hello,

Mrk here ... Thank you for taking the time to read.

1) Regarding passwords, I understand that the password is not necessary. In theory, you don't need them in Linux either, although it's considered weak/bad password policy. I think the password is important to prevent unauthorized changes to the system by OTHER USERS from your own account. Not necessarily malware. I was not thinking about malware. I was thinking kids, father, brother, friends ... people who like to do things the wrong way.

2) As to the programs. Thanks for pointing out the difference. I assumed that you needed to add the applications to be used as default, rather than add them to be treated as NOT default. I'll change the article accordingly.

Thanks!

Mrk
Kay (Administrator) #4
User title: Weltverbesserer
Member since Nov 2007 · 1507 posts · Location: Magdeburg
Group memberships: Administratoren, Mitglieder
Show profile · Link to this post
Wow, you're fast!
I just wanted to write an eMail to you ;-).

I'm happy you got SuRuns functionality right.
The password stuff is mostly used for scenarios where the system is left unattended... as you assumed :-)
Close Smaller – Larger + Reply to this post:
Verification code: VeriCode Please enter the word from the image into the text field below. (Type the letters only, lower case is okay.)
Smileys: :-) ;-) :-D :-p :blush: :cool: :rolleyes: :huh: :-/ <_< :-( :'( :#: :scared: 8-( :nuts: :-O
Special characters:
Go to forum
Not logged in. · Lost password · Register
This board is powered by the Unclassified NewsBoard software, 20150713-dev, © 2003-2015 by Yves Goergen
Page created in 74.4 ms (35.2 ms) · 57 database queries in 14.3 ms
Current time: 2019-05-24, 19:37:18 (UTC +02:00)