wilderjds
/
plasma-workspace
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3634 Commits
13 Branches
0 Tags
66 MiB
 
 
 
 
 
 
Tag: Branch: Tree: dc34aa70b4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'dc34aa70b4'
${ noResults }
plasma-workspace/doc/PolicyKit-kde/howitworks.docbook

53 lines
2.4 KiB
Raw Blame History

<chapter id="howitworks">
<title>How it works</title>
<sect1 id="howitworks-overview">
<title>Overview</title>
<para>PolicyKit has a simple way of working, but it requires some
design changes from the applications that want to use it to request
passwords.</para>
</sect1>
<sect1 id="howitworks-problem">
<title>The problem</title>
<para>In GUI applications the common way to gain root privileges is to start
it as root, but there are several security risks in doing this method and
it does not allow a good actions mapping. There is no way to separate actions
like package-install of system-upgrading.
All the users who want to use it must have the root password. Another common
approach is using sudo but once you start an application with sudo you will
have all the rights the root user will have.
If for example the GUI application has a dialog to select files that dialog
is running as root which means that the user might be able to delete any file
on his machine or even coping others user files.
</para>
</sect1>
<sect1 id="howitworks-solution">
<title>The solution</title>
<para>With PolicyKit this problem is solved. The application in question
just need to separate the privileged code into another application,
often called helper (which will not have a GUI), then maps the desired
actions into a <quote>.policy</quote> file. PolicyKit then loads this file
and it can now authenticate applications to use those actions.
The use of &DBus; activated applications is the best if not the only,
way of putting an helper application to run with root privileges.</para>
<para>With this design the GUI application calls an action of the helper
application through &DBus;, which will start the helper with root privileges,
and informing it which action was requested and which application has requested
it. The helper application now calls the PolicyKit agent to see if that application
can do the given task, the helper should report if it could do the requested action.
In case the helper saw that the application didn't have enough rights the GUI
will then need to ask PolicyKit to obtain an authorization.</para>
<para>When PolicyKit receives the request to obtain an authorization it issues an
available Agent, which might happen to be &policykit-kde; if available. After a successful
authentication the GUI application needs to call the helper repeating the
same operation again.</para>
</sect1>
</chapter>