From kde-windows  Sun Mar 22 17:16:08 2009
From: Dario Freddi <drf54321 () gmail ! com>
Date: Sun, 22 Mar 2009 17:16:08 +0000
To: kde-windows
Subject: High Level privileges in KDE Applications
Message-Id: <200903221816.12830.drf54321 () gmail ! com>
X-MARC-Message: https://marc.info/?l=kde-windows&m=123774212425414
MIME-Version: 1
Content-Type: multipart/mixed; boundary="--===============0623915440=="

--===============0623915440==
Content-Type: multipart/signed;
  boundary="nextPart1617925.tJt91HL5Yp";
  protocol="application/pgp-signature";
  micalg=pgp-sha1
Content-Transfer-Encoding: 7bit

--nextPart1617925.tJt91HL5Yp
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hello list,

This mail is a follow-up to a conversation I had with Brandon on IRC. I am=
=20
trying to create an API to let KDE applications acquire high level privileg=
es=20
in a secure and multiplatform way.

No, I'm not talking about sudo or running GUIs as root, that is proven to b=
e=20
completely unsafe. More about PolicyKit and the caller-helper model. It's a=
=20
PolicyKit specific tutorial, but you can surely understand the concept bett=
er=20
here: http://techbase.kde.org/Development/Tutorials/PolicyKit/Helper_HowTo

So basically our aim is to split up the standard application from an helper=
=20
application that will perform the requested action as the privileged user. =
On=20
Linux the authorization can be verified through PolicyKit, on Windows throu=
gh=20
UAC or these things I found after a lazy search: http://msdn.microsoft.com/=
en-
us/library/dd550643(VS.85).aspx .

Before starting to draft (the api will consist of just a few functions, as =
you=20
can imagine), I wanted to have some opinions/needs of someone knowledgeable=
 on=20
the other platforms (yes, I'm poking the Mac team too), to let everyone=20
implement the API easily.

The design will be very similar to solid: the main library in kdelibs, the=
=20
various backends in kdebase/workspace.

Cheers
Dario

=2D-=20
=2D------------------

Dario Freddi
KDE Developer
GPG Key Signature: 511A9A3B


--nextPart1617925.tJt91HL5Yp
Content-Type: application/pgp-signature; name=signature.asc 
Content-Description: This is a digitally signed message part.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEABECAAYFAknGclgACgkQaqeZcVEamjsy3wCbB/2EeeaaYEOERzfoF1vQZRtM
Y1kAnim1aGs3pNv9/Qaky1g0ekh+268T
=RBcK
-----END PGP SIGNATURE-----

--nextPart1617925.tJt91HL5Yp--

--===============0623915440==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Kde-windows mailing list
Kde-windows@kde.org
https://mail.kde.org/mailman/listinfo/kde-windows

--===============0623915440==--