Re: [Usability] Re: Button ordering
- From: Maciej Stachowiak <mjs noisehavoc org>
- To: Seth Nickell <snickell stanford edu>
- Cc: Maciej Stachowiak <mjs noisehavoc org>, Mathias Hasselmann <mathias hasselmann gmx de>, "manaspa pacbell net" <manaspa pacbell net>, Joel Becker <jlbec evilplan org>, Alan Cox <alan redhat com>, "gnome-hackers gnome org" <gnome-hackers gnome org>
- Subject: Re: [Usability] Re: Button ordering
- Date: Sun, 4 Nov 2001 19:30:27 -0800
This is soooo not related to the original thread...
On 04Nov2001 05:24PM (-0800), Seth Nickell wrote:
>
> I have absolutely no clue about these issues or how feasible this stuff
> is. For example, is it possible to spawn a thread as a different user?
> (probably not, just fishing). Or maybe we could do this with CORBA or
> something. *shrug* I have absolutely no clue. MacOS/X seems to be able
> to do something like this, no clue if its easy for developers or not.
Here is how OS X does it:
* There is an `admin' group of users who should have priveleged access.
* There is an API to prompt a user for the username and password of
any user in the admin group, and launch a child process as root if
authentication is successful.
* The lock button seen on many OS X programs uses this API to launch a
child process that does the real work as root.
* Often you talk to the child process via "Distributed Objects", a
technology similar to CORBA but less painful to use. It's based on
Objective C (yuck) but makes remote objects feel just like the system
native in process objects (i.e. no CORBA_Object vs. GObject mess).
* You avoid having to constantly enter your password because your
athorization token lasts for a couple of minutes. There's an
authentication server that remembers what users/processes are
authorized for admin tasks.
There is really no magic here, we could implement something similar
using PAM, CORBA and a bit of UI gadgetry.
But since no one is really running blocks of code in the same process
with priveleges, the number of restricted tasks you can let users
perform with authorization is limited by how much you are willing to
split your program into a GUI front end and a back end process that
does the real work.
Regards,
Maciej
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]