[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: sudo for gnome apps



Hi Konstantin,

On Saturday 04 July 2009 01:48 AM, Konstantin Svist wrote:
So I've followed your advice and played around with it.
From what I can tell so far, polkit allows me to give permissions to a
user -- but it doesn't make them re-enter their password, a la sudo. Or
am I missing something?

My thinking is that the user should be given access to the system
settings, but implicitly warned about potential problems by the password
prompt. More to the point, if the user were to download some [possibly
malicious] program, it shouldn't have the user's permissions. With
polkit permissions, the malicious program will have direct access to the
system; in ubuntu/sudo, user will be asked for password, alerting them
to the fact that system-wide changes are happening.
sudo is a good example of what I want -- but I want it in GUI land

When you allow a user for some task, the constraints you specify like, must be in active session or local console or both should help you create stricter rules. However I am not sure if either of those prompts for the user's password. As for sudo being safer, I am not sure that is a valid argument, polkit shouldn't allow a downloaded program system-wide access. I am no expert, so can someone who understands this better please pitch in?

As for your point about the prompt warning the user, that might be a useful feature request. :)

--
Suvayu

Open source is the future. It sets us free.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]