Execute as Root GUI Admin Interfaces

Rick Stuart stuart.cr at gmail.com
Thu Aug 10 18:41:48 UTC 2006


Originally: Re: Fedora usability : a new project? (Rick Stuart)
> From: Rahul <sundaram at redhat.com>
>
>
> Rick Stuart wrote:
>   
>> I welcome this idea!  I have asked many folks about what they like and 
>> dislike about Linux and I only get prejudiced statements.  If you sit 
>> someone ( a familiar and comfortable user of Windows) in front of your 
>> pride and joy 64-bit Fedora Core 5 install and invite them to try it 
>> out, they will fail to see any value.  If you help them find their way 
>> to stuff, they will certainly hit a brick wall that you have to fix by 
>> opening a terminal window, and then it's all over.
>>
>> Here are a couple of suggestions:
>>
>> Provide an option to configure users with sufficient privileges so that 
>> they can enter their OWN password for administrative access instead of 
>> ROOT's.  ( /usr/bin/system-config-* linked to "consolehelper" )  For a 
>> good model, check out UBUNTU......sorry about your toes.  Something like 
>> /etc/consolehelpers a-la /etc/sudoers.
>>     
>
> That isn't really a good model.
>
> https://www.redhat.com/archives/fedora-extras-list/2006-July/msg00814.htm
>   
> From: David Nielsen <david at lovesunix.net>
>
>   
>
> PolicyKit should provide this functionality the right way. I don't know
> if we have an ETA on this being useful but I would rather wait for a
> proper fix than use privilege escalation that can introduce problems
> like horrid security. Having to audit half a million lines of GTK+ code
> because it now runs as root and any slight bug could take down the
> system is my very definition of not funny.
>
>   
PolicyKit looks interesting based on the discussions Rahul included.  
Correct me if I got it wrong, but would PolicyKit allow an administrator 
to set people up so they can do certain things as administrators (like 
mounting a disk) ?  It looked like the user gets no challenge for 
authorization if they are set up to be able to do that.  I actually 
think that is a problem.  I think that when someone is executing with 
root privileges, they should be aware of it and consider whether they 
meant to do that.  That is why I suggested a [SUDO]consolehelper.  I am 
assuming that Rahul was referring to that as being a bad model.   I 
agree that giving everyone this ability like UBUNTU does it is a 
problem.  However, I do not agree that setting policies for a user and 
not reminding him/her what their action implies is any better.

In our corporate Windows world, we can set domain policies and local 
policies that give people more administrative rights.  We then invest 
much more support time trying to unravel what they accidentally did 
because they had elevated privileges and got no warnings when they 
mis-stepped.  Our Linux desktops have very few such problems even though 
we have a fairly large number of "sudoers" who can do root level tasks, 
but have to do so intentionally.  These sudoers don't need or want the 
root password, but they can do their jobs without problems as long as 
they know the CLI commands to do it.  We have started reducing Windows 
users default admin rights and force them to intentionally (and 
temporarily) elevate themselves to do admin tasks.  The biggest problem 
is the fact that they have to log out and in to get the elevated rights 
on Windows.

Note also that Microsoft has started popping up a lot more warnings 
asking people if they REALLY want to install the Trojan binary.  People 
hate it, but what can you do?

I realize this may fit better in a security discussion, but I consider 
it a basic usability issue so I am throwing it out here.

Thanks,

Rick