Mini-proposal for Elevated User Privileges in menu-spec

Waldo Bastian bastian at
Sun May 15 16:40:45 EEST 2005

On Saturday 14 May 2005 02:34, jayc at wrote:
> In October 2004, it was discussed how to handle elevated privileges:
> The proposed idea was shot down with most(?) siding with sudo as being
> good enough.  So I have a different proposal.
> If the menu-spec contained an optional field such as "RequiresRoot=yes"[1]
> then the various desktop environments could decide how to implement
> running applications with elevated privileges.
> Right now in Ubuntu, gksudo is hard-coded into all .desktop exec entries.
> So for example, the line for Synaptic would be "gksudo synaptic".  This is
> alright in Gnome, but what about if a user runs Synaptic in KDE?  It'd be
> better for KDE as well as Gnome to be able to read the field and use their
> own sudo, su, whatever frontend.
> This has arisen from the discussion of improving gksudo in Ubuntu[2].
> Right now the user is asked for their password in an unfriendly way.  If
> the launching program for the desktop environment was able to distinguish
> between the need for root and non-root programs then information could
> also be extracted from the .desktop file (such as the translated program
> name) to provide more context for the user about what application is
> asking for their password.
> Thanks for your consideration.

KDE supports the following two fields:

X-KDE-SubstituteUID=true|false, with false as default
X-KDE-Username=<username>, with root as default

Would be trivial to add support for a standardized key as well.
I'm not aware of anyone actually using X-KDE-Username for anything other than 
root, so I don't think it's very important to include that.

Something like RootRequired=yes|no|optional would work for me. I suggest you 
make a patch for the desktop-entry spec and send it to this list. See

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : 

More information about the xdg mailing list