Re: [Usability]Re: The path to 2.4 -- part 1

[Christian Rose <menthos menthos com>]

tis 2003-02-11 klockan 02.39 skrev Bryan W. Clark:
> >>>If this happens, make sure there is a gconf key to disable even asking -
> >>>admins might not want user's to even see that dialog pop up.  (I
> >>>wouldn't.)
> >>
> >>I would hope that this would be option would off by default so that 
> >>users who want this type of functionality simply have to turn it on and 
> >>other users are never aware of it's presence.
> >
> >Off by default doesn't make much sense. We already have good admin docs
> >(thanks to Sun) that gives hints for admins of how to customize the
> >desktop for their environment and users. Admins are often technical
> >people that can supposedly in most cases handle some of the basics of
> >gconf with help from documentation. Adding documentation about an
> >additional key is not a difficult task.
>
> I disagree, I think off by default makes a lot of sense.  Until there is 
> a universal "backup" or "undo" feature I don't think that something like 
> this is a good idea for the majority of users.

Undoing is unrelated to the issue here. The same arguments can be
applied to local copying in your own folders where you overwrite or
delete something vs. where you for example copy something into another
user's folder and overwrite or delete something, which is what we're
talking about here. Both cases may or may not need undoing. I don't
understand why you're trying to seperate the two cases here and suggest
that the needs of undoing are different.


>  And by "backup" or 
> "undo" I mean giving users the ability to restore files that they have 
> written over or removed, similar to the idea of the "reversable desktop" 
> that was talked about a while back.

Yes, but this is unrelated to the issue here.


> >In contrast, having to educate thousands of (novice) desktop users in
> >standalone environments of how to toggle a gconf key to be able to do
> >some copying seems like a much bigger task, and not necessarily one we
> >would like to throw at our users at all.
>
> Agreed, perhaps.  However I disagree that (novice) desktop users will be 
> needing to access protected files so often that they require this 
> functionality built-in by default.

I can imagine several scenarios. I agree that copying something into
system folders seems like an uncommon scenario, but copying something
into another user's folder for example, or deleting another user's
files, probably isn't that uncommon, which is what makes this a real
issue.

Imagine for example a home computer where the different family members
use seperate logins, or any type of use of a standalone machine with
multiple local users. Typically there will be at least one person acting
as a sort of administrator, although possibly not formally trained as
one. There is still the need of being able to copy things into other
users' home folders in order to set things up, or to delete junk, even
if you know squat about the command line, as long as you are
administrating.


> Plus I would also think that a 
> (novice) user might not understand completely what a dialog box asking 
> "enter your root password" is really doing when they accidentally copy 
> over their /etc/passwd file.

That's why I suggested a warning when the target is a system folder (or
file).


> For those users who are not (novice) and 
> probably need to access protected files much more; I think they'll find 
> the key fairly quickly and make use of this feature.

Experience shows otherwise. There are many people, including experienced
users, on mailing lists and on other forums that have complained and 
complain about features that have been "removed", but in reality have
just become a gconf setting instead of an UI option. Not that I consider
the strategy of moving "exotic" features into gconf bad, on the
contrary, but it goes to show that even self-proclaimed experienced
users in practice don't always find the relevant gconf keys or notice
that they even exist.

That's why I find it strange that we should require users that want to
do the fairly simple task of copying something into another user's
folder to 1) know that there's a seperate gconf key for being able to do
this, 2) find this key, and 3) know how to enable it.


> >Whether this should be off by default in order to prevent users on
> >standalone systems from dangerous copying that will ruin their system is
> >another matter, though. But I'd argue that many distributions ship
> >administration tools that are just a root password away anyway, which
> >could just as easily hose the system if used uncarefully. Maybe an
> >advice of the dangers if copying to a system folder would be in order,
> >but I don't think we should disallow it.
>
> Distributions can make their own decisions, those developers and their 
> users will have to face the consiquences of those.  I see this as a 
> question of what a "sane" default would be for the majority of all users 
> of gnome, without taking into consideration of what any distribution 
> might do after the fact.

No other common platform these days totally prevents you from copying
things into another user's folders even if you have the necessary
permissions. Windows doesn't do it. It won't allow you (or ask for a
password) if you aren't in the Administrators group, but on the other
hand you'll be in the Administrators group by default if you're the
first created user account on the machine. And if I remember correctly,
MacOS will ask you for a password like suggested here.


> Which persona type are you looking at this issue for?  Administrator? 
> Power User? or the _larger_ group of regular users out there in the 
> world?  

The last one. Those have always been my goal of interest. But I don't
really like this type of simple categorization; I've seen enough of
people that didn't fit in any of these simple categories. I've
encountered:
* Persons that had never used a computer before (complete novices)
* Persons that had never used a Linux/UNIX machine before, but had some
previous Windows experience
* Persons that had never used a Linux/UNIX machine before, but had
extensive Windows experience
* Persons that had never used a Linux/UNIX machine before, but were
experienced Windows administrators
Those are just the types that had never used a Linux/UNIX machine
before... there are a lot more categories of users that I've
encountered. But the common denominator for all of the above user types
is that they were more or less totally lost when asked to accomplish
tasks on the command line. On the same time, the people with previous
experience didn't have that many problems in general using the desktop,
and the person with previous Windows administration experience did
manage to configure the system in some ways using the graphical
administration tools. But there was no way for him to solve the task of
fixing or setting up a user's files, which is why I got interested in
this matter to beging with.

I simply just don't agree that completely disallowing trivial tasks like
copying a file into another user's folder, irregardless if you can
present the necessary permissions or not, is a help for any user.


Christian