Privacy (su UID value in desktop entry standard)
C. Gatzemeier
c.gatzemeier at tu-bs.de
Fri Mar 19 13:38:04 EET 2004
Am Freitag, 19. März 2004 05:11 schrieb Linas Vepstas:
> On Thu, Mar 18, 2004 at 08:12:23PM +0100, C. Gatzemeier was heard to remark:
> > If you have KDE running you can try the following, seems to work pretty
> > nice. kdesu -u [user] gnucash
> > (I am sure there are also Gnome etc. variants available)
>
> Yes, this was discussed a bit; It works, but falls somewhat into
> the "put it in a HOWTO" category, since there is some non-trivial
> sysadmin work to set up the 'protected' user.
[...]
I am scratching my head here a little, and wondering what kind of
functionality you are picturing. I think the desktop-su-HOWTO style taste
shoud go away with proper GUI integration.
Let me draw this little scenario:
A future Deskop distribution is set up to boot right into the graphical
desktop logged in as a local guest (or think family) user.
Things can be done just as usual. But if one wants to do somthing private he
obviously will unavoidably need a private account (easily set up). He
notices/can see he has two alternatives.
One he can click on the session aware pager to switch to a parallel running
session, log in, and do anything in his own homedirectory.
Alternatively he just fires up the desired app.
Mail, bookkeeping programs etc. can be installed "asking for
authentication" (install script will have set up a desktop entry with
"prompt-for-run-as-username")
Other apps can also be right-clicked and be "run as..." And of course the
property to "allways run as ..." is there so just the password without extra
username is asked.
Windows running under different UID than the session are titled including
username like "Lokal Folder - KMail [Christian]" and could have a "window
lock" timeout" analogous to xlock.
> Do I need to 'kdesu -u bookeeper konqueror'
> to do graphical file management?
>
> Remember, my goal was to allow my proverbial computer-novice-mom
> to keep her accounting files under lock and key, while otherwise
> keeping the desktop open to all.
I'd picture a system aware filebrowser to just ask our computer-novice-moms
for appropriate user/group passwords when she is about to open her locked
directory or file instead of "accsess denied"
Could it be that easy?
Christian
More information about the xdg
mailing list