Mini-proposal for Elevated User Privileges in menu-spec
Waldo Bastian
bastian at kde.org
Sun May 15 16:40:45 EEST 2005
On Saturday 14 May 2005 02:34, jayc at clemson.edu wrote:
> In October 2004, it was discussed how to handle elevated privileges:
>
> http://lists.freedesktop.org/archives/xdg/2004-October/005110.html
>
> The proposed idea was shot down with most(?) siding with sudo as being
> good enough. So I have a different proposal.
>
> If the menu-spec contained an optional field such as "RequiresRoot=yes"[1]
> then the various desktop environments could decide how to implement
> running applications with elevated privileges.
>
> Right now in Ubuntu, gksudo is hard-coded into all .desktop exec entries.
> So for example, the line for Synaptic would be "gksudo synaptic". This is
> alright in Gnome, but what about if a user runs Synaptic in KDE? It'd be
> better for KDE as well as Gnome to be able to read the field and use their
> own sudo, su, whatever frontend.
>
> This has arisen from the discussion of improving gksudo in Ubuntu[2].
> Right now the user is asked for their password in an unfriendly way. If
> the launching program for the desktop environment was able to distinguish
> between the need for root and non-root programs then information could
> also be extracted from the .desktop file (such as the translated program
> name) to provide more context for the user about what application is
> asking for their password.
>
> Thanks for your consideration.
KDE supports the following two fields:
X-KDE-SubstituteUID=true|false, with false as default
X-KDE-Username=<username>, with root as default
Would be trivial to add support for a standardized key as well.
I'm not aware of anyone actually using X-KDE-Username for anything other than
root, so I don't think it's very important to include that.
Something like RootRequired=yes|no|optional would work for me. I suggest you
make a patch for the desktop-entry spec and send it to this list. See
http://www.freedesktop.org/wiki/Standards/desktop-entry-spec
Cheers,
Waldo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/xdg/attachments/20050515/12f0f66e/attachment.pgp
More information about the xdg
mailing list