Vote for new Ubuntu Feature---Let's try it again --- and without getting all religious about it

Jeffrey F. Bloss jbloss at tampabay.rr.com
Wed Jan 10 06:44:14 UTC 2007


Chanchao wrote:

> 
> > The Unix security model has evolved over the past twenty, thirty
> > years and 
> 
> Why are so many people getting so religious over a basic usability
> comment/request. 

Nobody is getting religious about it. The people who are asking for
this "feature" simply do not understand what they're asking for. The
problem here is that this is not a basic usability issue. It's normal
and necessary behavior if you want any sort of security in a multiuser,
networking  environment.

> Case: He's opened a file in gedit or Writer or something else and
> made a change to it.  The file happens to be on a
> drive/partition/folder that for whatever reason isn't writable.  This
> happens all the time, not just system config files, but also it
> happens all the time with files on shared Windows drives/partitions,
> memory sticks and so on.  It HAPPENS. 

Stop and think for a second. After 15+ years of Linux development since
kernel 1.0, and God knows how many years of Unix development before
that, this still "Happens".

Yes, your own observations should should be your first clue that this
has nothing at all to do with usability. :) If it were a mere matter of
ergonomics don't you think someone, somewhere along the line, would
have fixed such a niggling inconvenience like not letting every Tom,
Dick, and Harry application to elevate user privileges with a password?

> All the man says is that at this point he prefers not to have to save
> this file somewhere where he can save it, exit the application, use
> gksudo to open it again, re-apply the changes, save again. 

I'd prefer that my copy of Ubuntu washed windows and did laundry too.

Ironically enough, my wishes are a lot more attainable than the wishes
of people who want Gedit to handle system security. :)


> Instead he'd like to have a clear error message indicating the file
> he's editing is protected, AND have that very same window give him the
> *option* to authenticate as administrator and continue the logical
> workflow.   
> 
> How this happens: He doesn't care.  If a running program can escalate

If he doesn't care then he can run as root full time. Or install
Windows 98, or use some other OS/configuration which has none of this
sort of security. 

It really is that simple.

> access rights after entering the sudo password: great.  Or if a script
> is called that saves the file as a temp file, closes the application
> and re-opens it again after authenticating as administrator:  Just as
> great. 
> 
> That's all.  No Unix-security-blasphemy takes place.

Nonsense. You're suggesting that every application be allowed to
determine who is and is not permitted to act as an administrator
independent of the OS. That's not blasphemy, it's castration. You're
asking that the entire Linux/Unix authentication mechanism be
undermined.

Here's a novel thought... why not attempt something like thinking ahead
and not making changes to files you don't have permission to change. I
mean it's not like there isn't 24 million different ways to know about
it ahead of time, so maybe rather than asking the developers of one of
the best Linux distributions ever to gut their product, which is a
misplaced question to begin with because this really has nothing at all
to do with Ubuntu in the first place, you should try and learn something
from the things you believe "just happen" for no better reason that to
annoy people.

-- 
     _?_      Outside of a dog, a book is a man's best friend.
    (o o)         Inside of a dog, it's too dark to read.
-oOO-(_)--OOo-------------------------------[ Groucho Marx ]--
    grok!              Registered Linux user #402208
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 892 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20070110/6e91628d/attachment.pgp>


More information about the ubuntu-users mailing list