Mini-proposal for Elevated User Privileges in menu-spec

Sat May 14 03:34:37 EEST 2005

In October 2004, it was discussed how to handle elevated privileges:

The proposed idea was shot down with most(?) siding with sudo as being
good enough.  So I have a different proposal.

If the menu-spec contained an optional field such as "RequiresRoot=yes"[1]
then the various desktop environments could decide how to implement
running applications with elevated privileges.

Right now in Ubuntu, gksudo is hard-coded into all .desktop exec entries. 
So for example, the line for Synaptic would be "gksudo synaptic".  This is
alright in Gnome, but what about if a user runs Synaptic in KDE?  It'd be
better for KDE as well as Gnome to be able to read the field and use their
own sudo, su, whatever frontend.

This has arisen from the discussion of improving gksudo in Ubuntu[2]. 
Right now the user is asked for their password in an unfriendly way.  If
the launching program for the desktop environment was able to distinguish
between the need for root and non-root programs then information could
also be extracted from the .desktop file (such as the translated program
name) to provide more context for the user about what application is
asking for their password.

Thanks for your consideration.

Jay Camp


More information about the xdg mailing list