[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: [RFC] Security and Features in KPDF
From: Anders Lund <anders () alweb ! dk>
Date: 2005-01-03 22:23:32
Message-ID: 200501032323.35393.anders () alweb ! dk
[Download RAW message or body]
On Monday 03 January 2005 21:46, Enrico Ros wrote:
> Well, that's oversemplified. We all agree that the action might be
> dangerous. And in fact the dialog can be like this:
>
> http://www.dei.unipd.it/~rosenric/temp/before.png
>
> Notice 'cancel' focused. So the user has to read the advistoy; we have the
> disclaimer; he/she has to click on the checkbox and then:
>
> http://www.dei.unipd.it/~rosenric/temp/after.png
For one thing, this is misuse of the checkbox widget. The state of a checkbox
in a dialog is noramlly decisive for how the application behaves *after the
dialog has been closed*. To show additional content on a dialog, it's common
to us a button with a double arrow folowing the button text, like
[ More Options >> ]
If the mission is to help possibly unexperienced users, we should definately
not mess with widget usage :)
In this case, maybe a widget in the wizzard style would be better -- press
'Continue' and see the command. After all the purpose is to slow down the
user and cause him to thing carefully.
Of cause the coolness factor of clicking a link in a presentation and have a
command immediately executed vanishes, but hey -- that is why we have
specialized presenttaion programs isn't it? (or do those just present us with
the exact same security issue - you can download presentations from the
internet as well?)
Maybe we should only execute commands from a file that is signed with a valid,
approved certificate or a trusted pgp key?
FWIW: My mother, who is a unexperienced computer user, reads dialog texts, and
hates when they are unclear. Since this sort of warning is helpfull to her, I
allways feel embarrassed on her [still windows] PC's behalf when it displays
nonsense, which is unfortunately often.
-anders
--
Homepage: http://www.alweb.dk
Jabber address: anderslund@jabber.dk
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic