auth_admin_keep_always discrepancy
David Zeuthen
david at fubar.dk
Fri Sep 18 08:34:20 PDT 2009
Hey,
Sorry for the lag,
On Mon, 2009-09-14 at 17:35 +0100, James Westby wrote:
> On Sat Sep 12 21:30:54 +0100 2009 David Zeuthen wrote:
> > > The agents should unify on this (though this version of polkit is almost
> > > deprecated), so which interpretation is correct?
>
> Thanks for the response David.
>
> You didn't answer this question though.
>
> While it is deprecated I think it is important for those that are still shipping this
> version of polkit to fix this, as a mechanism author at the moment can't allow users
> to keep an authorization on GNOME while not having them keep it by default on KDE.
I don't think either GNOME or KDE is wrong or right here. If I
understand correctly the KDE authentication dialog for PolicyKit 0.9.x
simply doesn't allow the user to not retain the authorization? I think
that's fine, the check-box in the GNOME dialog isn't really that useful
anyway (and that's why this check-box isn't in PolicyKit 1.0).
I'm not sure how this affects authors of Mechanisms either - I mean, if
the author of a Mechanism decides that auth_self_keep_always is a good
default (because the action isn't very "dangerous") then it's all good.
If the action was "dangerous" (such as installing an unsigned package)
the mechanism author would choose not to allow the user to keep the
authorization.
Hope this clarifies.
David
More information about the polkit-devel
mailing list