On Thu, 2005-03-03 at 16:01 -0500, Matthew Miller wrote:
On Thu, Mar 03, 2005 at 03:31:13PM -0500, David Zeuthen wrote:
> I don't think many of the system-config apps are "end user desktop"
> stuff at all. What needs to be fixed  though is at least printing,
> sound, display, software installation, date/time and network. Right now,
> in the default install, this requires the root password. I think that
> was the bug Havoc talked about.
I don't consider date/time to be "end user". That should be managed
ntp, which shouldn't be just tweaked at the whim of whoever sits down at the
box. (Setting the *user's* timezone is a different issue.)
Probably depends on the deployment or situation. The additional point
about all this "be sure end users can do desktop stuff without root" is
that we should have some kind of easy way to enable/disable their
ability to do particular things.
Display, sound, and local printing should Just Work, and network
possible. I'll not touch the details of printer configuration right now. :)
Software installation *definitely* needs some sort of authentication and
special privilege. Sure, this needs to be made so it's not intimidating, but
we also shouldn't shoot ourselves in the head.
For a managed client (with IT staff) then normally the IT dept will own
all software installation, but for a home desktop the end user should be
able to do it.
The trick is to enable that without allowing an app running as the user
to do it, in order to preserve safety vs. viruses etc. There was a
thread about this a while back. One approach is that if you aren't root,
you can only install signed packages; and you have to be root to add new
trusted keys. The "setuid" process would be simple and just check the
signature, then invoke the full installer.
I think software installation without root is less important than the
other stuff for now, since we have a ton of other problems in a "home
nontechnical user" environment anyhow. And software installation by
users isn't useful in an organization with IT staff.
Though I guess I *can* imagine a setup where users can install any
software that is signed by the particular IT department, that could be
useful. Probably not "best practice" but conceivably useful.