[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Feedback on new gksu features

From: Gustavo Noronha Silva
Subject: Feedback on new gksu features
Date: Sun, 17 Jul 2005 16:23:01 +0300


I've been working on implementing new features and fixing problems in
gksu. I'd like to ask for feeback on a specific feature that has been
added by applying a modified patch -- originally done by Szilard Novaki
<address@hidden> and modified by me -- and on a feature
request that came from ubuntu users.

I'm CC'ing the debian-gtk-gnome list as Debian is my main testing and
development ground for gksu.

Here's the problem: currently gksu asks for the password and if it is
correctly given and gnome-keyring is available it will want to store it.
Next time it runs, unless always-ask-password option is trigered it will
try to grab the password automatically from the keyring. Some detailes:

     1. gksu the app knows nothing about the gnome-keyring stuff, it is
        hiden inside a more generic new API function in libgksu
     2. the default keyring is used, which means the root password is
        going to be stored forever and never asked anymore unless it
        changes or the user uses gnome-keyring-manager to delete that
     3. when gksu/gksudo do not need a password to run the program they
        will show nothing to notify the user something which requires
        root powers is going on

Perhaps I could have the gnome-keyring stuff not be generic, but
explicitely supported by libgksu, which would finally make it no more
'desktop-agnostic' API-wise so gksu app will be able to decide somehow
if the user wants to store the password and to which keyring.

For the second problem, maybe I could use the session keyring by
default, thus requesting that the user types the password again at least
once per session. Allowing the admin/user to select which keyring they
want to use is planned.

Third problem also has something in common with some people's complaint
that gksudo will simply take advantage of sudo's timeout and run stuff
without requesting the password. Should gksu show a dialog warning what
it's going to do before actually performing the command with root power?

You can see some examples of confusion caused by this here:

(the solution proposed at this one looks pretty difficult to implement,
though, unless gksudo also uses the gnome-keyring instead of relying on
sudo's timestamp)

I'd like to hear your advice on this matter.

Thanks and cheers from Helsinki!,

address@hidden: Gustavo Noronha <http://people.debian.org/~kov>
Debian:  <http://www.debian.org>  *  <http://www.debian-br.org>

Attachment: signature.asc
Description: This is a digitally signed message part

reply via email to

[Prev in Thread] Current Thread [Next in Thread]