killall gksudo: Stop running GTK as root!
We current have a bunch of "administration" functions on the desktop that run under gksudo for various reasons. This typically comes down to requiring root access to do some very small thing (like write to a config file).
Unfortunately, when we run the entire settings application under gksudo we're running hundreds of thousands of lines of code (GTK, image loaders, etc) as root with an extremely rich and confusing (ie: X11) interface between the root-running code and the user.
Further, the process of requiring the user to enter a password before they even open the dialog is a bit disruptive.
In general, we should examine methods of how we can leverage the system dbus and PolicyKit to provide extremely thin and simple interfaces between the user interface (GTK application running as user) and the privileged code (as little code with as few features as possible).
Blueprint information
- Status:
- Complete
- Approver:
- Scott James Remnant (Canonical)
- Priority:
- Medium
- Drafter:
- Martin Pitt
- Direction:
- Needs approval
- Assignee:
- Martin Pitt
- Definition:
- Superseded
- Series goal:
- None
- Implementation:
-
Not started
- Milestone target:
- None
- Started by
- Completed by
- Martin Pitt
Related branches
Whiteboard
pitti, 2007-11-22: split spec into policykit-
pitti, 2008-05-26: Hardy started using PK for many things already; remaining big thing is to move applications which need to install packages -> Software Sources, Synaptic, gnome-app-install, Language Selector, Hardware Drivers. The latter three can be converted by fixing and moving to PackageKit.
kov, 2008-10-22: as gksu author I highly approve of this move, and I would like to point out that I am writing a policykit-based version of gksu to support applications which are not properly written (i.e. to use PolicyKit); see http://
Work Items
Dependency tree
* Blueprints in grey have been implemented.
