Message: previous - next
Month: December 2011

Re: [trinity-devel] "Keep password" check box restored to kdesu dialog box

From: Darrell Anderson <humanreadable@...>
Date: Sat, 3 Dec 2011 19:38:07 -0800 (PST)
> So at it's core this is really a documentation issue.
> If the dialog box
> contained a single line stating the application the
> password is stored for
> and when the password storage will expire then I would be
> willing to add
> the checkbox back.  Poorly defined or unknown/obscure
> behaviour is not a
> good thing when dealing with root access ;-)

The application is already stated in the dialog box. However, the text is not obvious and tends to just blend with the box. Perhaps the app information should be bolded or be more verbose. For example, use KRunner to type kdesu kate and this is what appears:

Command: kate

Perhaps that can be changed to:

Command: Run kate as root

I don't remember all the individual source files, but I seem to recall the "Keep password" check box widget is in kdelibs while the kdesu dialog box is part of kdebase. Any additional "notice" would have to be provided in the kdesu dialog box.

Right now the kdesu dialog looks like this:

Run as root - KDE su
The action you requested needs root
privileges. Please enter root's
password below or click Ignore to
continue with your current privileges.

Command: kate
Password: _________________

|_| Keep password

         Ignore    OK     Cancel

Perhaps underneath the Keep password widget, only when the user enables the check box, the following text appears dynamically:

Keeping the password is good only for
X hours, only for kate, and only for
this session.

The duration X is fetched from defaults.h.

If the user does not enable the check box the text does not appear. By appearing dynamically, the potential security risk is more obvious. Or the warning text could be ghosted when the check box is disabled and unghosted when enabled.