yum+mach2 for fedora-development tree pseudo-release

seth vidal skvidal at phy.duke.edu
Sat Mar 5 14:38:22 UTC 2005


> There's a big conceptual problem with that approach that I still don't
> have a satisfying answer for.
> 
> Mach is meant to be run as user - I know way too little about security
> to be trusted to write perfectly safe python code.  That's the biggest
> reason why mach-helper exists, and people tell me that this is indeed
> the smartest route to take.  Of course it'd be easier for me as a
> programmer to just do everything in python.  But if we did, then we'd
> need a good way of gaining and then dropping privileges for these
> operations, and I'd still feel very insecure about having written
> something potentially very harmful.
> 
> I've looked for other projects that have similar security issues, but
> haven't found any of them tackling this particular problem.
> Suggestions?

What about the dbus suggestion? Have the client emit dbus events and
have a root-running daemon listen for them to do what they wished. That
way the suid root binary doesn't need to exist unless you want the
daemon to not run as root.

thoughts?
-sv
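What makes the daemon suggestion above safer than a suid helper is not the transport by itself but the narrow interface the root-running side exposes: it accepts a fixed set of named operations, validates every argument, and takes the caller's identity from the transport (peer credentials or bus policy) rather than from the message. The following is an added example, not code from mach or from anyone on this thread, showing the dispatch and validation logic such a daemon would apply; the D-Bus plumbing is left out, and the base directory `/var/lib/mach/roots`, the `create_root`/`remove_root` operation names and the group-based authorization rule are all constructed assumptions.

```python
import os
import re
from dataclasses import dataclass

# Hypothetical base directory under which build roots live.
CHROOT_BASE = "/var/lib/mach/roots"
# Root names are a short, plain token: no separators, no leading dot.
ROOT_NAME_RE = re.compile(r"^[a-z0-9][a-z0-9._-]{0,63}$")


@dataclass
class Request:
    # caller_uid/caller_gid come from the transport (SO_PEERCRED, bus
    # policy), never from the request body.
    caller_uid: int
    caller_gid: int
    op: str
    args: dict


def _root_dir(name):
    """Map a validated root name onto a directory under CHROOT_BASE,
    refusing anything that could escape it (separators, '..', absolute
    paths). The regex already excludes those; the dirname check is a
    second, independent guard."""
    if not ROOT_NAME_RE.match(name):
        raise ValueError("invalid root name")
    path = os.path.normpath(os.path.join(CHROOT_BASE, name))
    if os.path.dirname(path) != CHROOT_BASE:
        raise ValueError("root name escapes base directory")
    return path


def op_create_root(args):
    return ("mkdir", _root_dir(args["name"]))


def op_remove_root(args):
    return ("rm -rf", _root_dir(args["name"]))


# Constructed allowlist: these are the only things the privileged side
# will do. There is deliberately no "run this command line" operation.
OPERATIONS = {
    "create_root": op_create_root,
    "remove_root": op_remove_root,
}


def authorize(req, allowed_gids):
    """Root may do anything; everyone else must belong to an allowed group.
    allowed_gids is the daemon's own configuration, not caller-supplied."""
    if req.caller_uid == 0:
        return True
    return req.caller_gid in allowed_gids


def handle_request(req, allowed_gids):
    """Return (status, detail). 'planned' carries the privileged action
    the daemon would perform; nothing is executed in this example."""
    if not authorize(req, allowed_gids):
        return ("denied", "caller not authorized")
    handler = OPERATIONS.get(req.op)
    if handler is None:
        return ("denied", "unknown operation")
    try:
        action = handler(req.args)
    except (KeyError, ValueError) as exc:
        return ("denied", str(exc) or "bad arguments")
    return ("planned", action)


if __name__ == "__main__":
    # Constructed sample requests as an unprivileged caller in gid 500.
    for req in (
        Request(1000, 500, "create_root", {"name": "fc3-i386"}),
        Request(1000, 500, "create_root", {"name": "../etc"}),
        Request(1000, 500, "run_shell", {"cmd": "id"}),
    ):
        print(req.op, req.args, "->", handle_request(req, {500}))
```

The point of the shape is that the privileged process never interprets caller-supplied strings as commands or paths; it only ever maps a validated name onto a location it already owns. Whether the requests arrive over D-Bus or a Unix socket, that validation layer is where the security lives, and it is also the part that is small enough to review.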

More information about the Fedora-buildsys-list mailing list