[prev in list] [next in list] [prev in thread] [next in thread]
List: kwin
Subject: Re: Re: KCM Authorization (was: Re: Review Request: print-manager on kdereview)
From: Martin =?ISO-8859-1?Q?Gr=E4=DFlin?= <mgraesslin () kde ! org>
Date: 2012-08-30 5:52:47
Message-ID: 2624485.NqieItjtrO () martin-desktop
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
On Wednesday 29 August 2012 22:32:07 Dario Freddi wrote:
> 2012/8/29 Thomas Lübking <thomas.luebking@gmail.com>:
> > Moving to kwin.
> >
> > Am 29.08.2012, 03:15 Uhr, schrieb Dario Freddi <drf54321@gmail.com>:
> >> The root of the problem is not in KAuth (which has been already
> >> redesigned in Frameworks to be completely async, btw) but in the fact
> >> that polkit doesn't conceive a window manager which makes the
> >> authorization dialog non-modal.
> >
> > The modality description in the NETWM is extremely weak ("while clients
> > can" ... "WM can also" ... *sigh*) and there's no icccm defined concept
> > of modality but the bottom line is that the user can not interact with
> > the blocked window at all.
>
> Sorry I explained myself really badly in the previous mail: the
> problem is that polkit assumes that the authorization dialog will be
> *system-wide modal* as in: no any other interaction can happen before
> the dialog has been "completed".
There is no such thing as a "system-wide modal" dialog on X and I doubt that
we would be able to implement this in a secure way unless it is handled
directly by the session manager.
So I'm really surprised that polkit assumes something that does not exist.
Btw. I personally consider system-wide modality as a very bad concept. It does
not allow one to google why I should enter my password when foo asks for it.
It gives the user two options:
* cancel
* preceed and maybe allowing malware in
>
> > KWin so far (compiz eg. as well) only prevents passing the input focus to
> > a
> > modally blocked client, but other events (notably mouse events) are still
> > let through (and then blocked by the client)
> >
> > Because of the ultra weak specification we could probably change that w/o
> > breaking the NETWM spec the least (we probably could also just unmap the
> > blocked window w/o breaking the spec....) but that will of course not help
> > with other WMs
>
> As said above, we do not really care - KDE is the only environment
> where we don't impose system-wide modality to the authorization dialog
> and the case is so specific we can afford having something
> KWin-specific IMHO
which other environments do support that? They are all X aren't they? I have
never heard that another WM has implemented support for that and so far I have
not heard about Linux using UAC.
Best Regards
Martin
["signature.asc" (application/pgp-signature)]
_______________________________________________
kwin mailing list
kwin@kde.org
https://mail.kde.org/mailman/listinfo/kwin
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic