Hi Konstantin, On Saturday 04 July 2009 01:48 AM, Konstantin Svist wrote:
So I've followed your advice and played around with it. From what I can tell so far, polkit allows me to give permissions to a user -- but it doesn't make them re-enter their password, a la sudo. Or am I missing something? My thinking is that the user should be given access to the system settings, but implicitly warned about potential problems by the password prompt. More to the point, if the user were to download some [possibly malicious] program, it shouldn't have the user's permissions. With polkit permissions, the malicious program will have direct access to the system; in ubuntu/sudo, user will be asked for password, alerting them to the fact that system-wide changes are happening. sudo is a good example of what I want -- but I want it in GUI land
When you allow a user for some task, the constraints you specify like, must be in active session or local console or both should help you create stricter rules. However I am not sure if either of those prompts for the user's password. As for sudo being safer, I am not sure that is a valid argument, polkit shouldn't allow a downloaded program system-wide access. I am no expert, so can someone who understands this better please pitch in?
As for your point about the prompt warning the user, that might be a useful feature request. :)
-- Suvayu Open source is the future. It sets us free. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
