libhal-policy -> PolicyKit

Artem Kachitchkine Artem.Kachitchkin at Sun.COM
Wed Mar 8 10:38:28 PST 2006

Let me take one step back, 'cause David is way way ahead of what I can grasp in 
terms of requirements for the feature being designed.

In the imperfect world around me, authentication and system administration are 
distinct tasks. Getting information about the rights (authorizations, 
permissions, privileges, etc) a user has and using these rights is typically 
lightweight and often transparent. Modifying the rights requires using separate 
tools, typically requiring to log in to sysadmin account or temporarily assume a 
syadmin role.

My limited understanding of David's is that it molds together authentication and 
system administration. I.e. in the imperfect world of today when I get an "you 
need privilege XYX you don't have" error, I go and use a sysadmin tool to fix 
that. In the perfect world of tomorrow, administration will happen at the tip of 
my fingers in the same UI I'm running the application, by just entering a magic 
password and clicking "Give me the missing privilege". Is this the idea? I 
wonder how much simplicity and security is sacrificed to achieve that goal.

Going back to the use case, the user is asked to enter root password. In an 
enterprise environment, I don't believe that a sysadmin will be willing to come 
up to the user's desktop and enter his password. In a personal desktop 
environment, I am so happy to see the need for the root password and account 
being reduced: e.g. I don't believe I ever needed a root password in Ubuntu, I 
just use my own password to acquire privileges that are permitted for me, but 
not granted by default. How will this fine model going to be affected by polkit?

thanks for your patience,

More information about the hal mailing list