Give Authorizations via yes/no dialog
Patryk Zawadzki
patrys at pld-linux.org
Sun Jul 20 06:40:23 PDT 2008
On Sun, Jul 20, 2008 at 3:24 PM, - - <gnomeuser8 at googlemail.com> wrote:
> From: gnomeuser8 at googlemail.com
> Date: 2008/7/19
> Subject: Give Authorizations via yes/no dialog
> To: polkit-devel at lists.freedesktop.org
>
>
> Currently I can choose pam authentication (with my password) or pam
> authentication as admin (with admin password). I would like to
> authenticate with simply clicking on yes or no to give the application
> the authorization.
>
> You already grab the pointer, I think, so only I can do this and not
> any malware. This also does increase security: Malware could simulate
> a policykit authorization dialog for an easy thing (access to
> USB-Stick), you enter your password and then it can use sudo to get
> root rights. When it simulate an yes/no dialog the malware can't do
> anything with your answer. ;)
>
> The authorization should be kept indefinitely for the local active
> session and the same application. You already said you trust this
> application, why you shouldn't say the same next day?
Forgive me if I'm high on some weird FOSS weed but isn't polkit about
authorizing users as opposed to applications? All applications
installed are trusted equally. The dialogs are only there for desktop
systems where there is no admin to grant you the necessary rights
(otherwise we'd see all users run X as root which brings us back to
the old Windows era).
Also you might like to double check your first and last name as to me
they look like dashes.
--
Patryk Zawadzki
PLD Linux Distribution
More information about the polkit-devel
mailing list