sudo for gnome apps
Suvayu Ali
fatkasuvayu+linux at gmail.com
Sat Jul 4 11:21:24 UTC 2009
Hi Konstantin,
On Saturday 04 July 2009 01:48 AM, Konstantin Svist wrote:
> So I've followed your advice and played around with it.
> From what I can tell so far, polkit allows me to give permissions to a
> user -- but it doesn't make them re-enter their password, a la sudo. Or
> am I missing something?
>
> My thinking is that the user should be given access to the system
> settings, but implicitly warned about potential problems by the password
> prompt. More to the point, if the user were to download some [possibly
> malicious] program, it shouldn't have the user's permissions. With
> polkit permissions, the malicious program will have direct access to the
> system; in ubuntu/sudo, user will be asked for password, alerting them
> to the fact that system-wide changes are happening.
> sudo is a good example of what I want -- but I want it in GUI land
When you allow a user for some task, the constraints you specify like,
must be in active session or local console or both should help you
create stricter rules. However I am not sure if either of those prompts
for the user's password. As for sudo being safer, I am not sure that is
a valid argument, polkit shouldn't allow a downloaded program
system-wide access. I am no expert, so can someone who understands this
better please pitch in?
As for your point about the prompt warning the user, that might be a
useful feature request. :)
--
Suvayu
Open source is the future. It sets us free.
More information about the fedora-list
mailing list