Re: Vote for new Ubuntu Feature---Let's try it again --- and without getting all religious about it


The Unix security model has evolved over the past twenty, thirty years and

Why are so many people getting so religious over a basic usability
comment/request.

Case: He's opened a file in gedit or Writer or something else and made a
change to it. The file happens to be on a drive/partition/folder that
for whatever reason isn't writable. This happens all the time, not just
system config files, but also it happens all the time with files on
shared Windows drives/partitions, memory sticks and so on. It HAPPENS.

All the man says is that at this point he prefers not to have to save
this file somewhere where he can save it, exit the application, use
gksudo to open it again, re-apply the changes, save again.

Instead he'd like to have a clear error message indicating the file he's
editing is protected, AND have that very same window give him the
*option* to authenticate as administrator and continue the logical
workflow.

How this happens: He doesn't care. If a running program can escalate
access rights after entering the sudo password: great. Or if a script
is called that saves the file as a temp file, closes the application and
re-opens it again after authenticating as administrator: Just as
great.

That's all. No Unix-security-blasphemy takes place.

Cheers,
Chanchao


--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

Relevant Pages

  • Re: Renaming Administrator account
    ... > A remote attacker with no local account CAN'T authenticate to the domain ... and so CAN'T determine a username from a well-known SID. ... > can, however, try to crack the administrator password by brute force. ...
    (microsoft.public.windows.server.sbs)
  • Re: HKEY_LOCAL_MACHINE Registry Access
    ... from my W2K3 noSP box. ... > authenticate and what privileges are requested during logon. ... I connect to the remote registry with no problems. ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Multidimensional connection / Open connection failed
    ... > administrator and the other one a user-created in Active Directory. ... The AS server would have to contact an AD Domain ... Controller in order to authenticate. ... Then set up a local user on the client machine with the identical ...
    (microsoft.public.sqlserver.olap)
  • Re: netlogon service and LogonUser() API function
    ... there must be a way to authenticate credentials for a domain without ... "administrator tasks" in multiple computers that are part of multiple ...
    (microsoft.public.win32.programmer.kernel)