
Re: security policy / root passwords



On 10/06/13 14:12, Simon McVittie wrote:
> On 10/06/13 12:34, Daniel Pocock wrote:
>> a) a web site displaying a "PolicyKit" popup that resembles the wording
>> of the Debian popup
> GNOME Shell does mitigate this by using a distinctive UI for
> "system-modal dialogs", which makes use of the fact that the Shell is
> the window compositor in order to dim the rest of the screen:
>
> <http://people.gnome.org/~halfline/power-off-dialog.png>
>
> That's the "power off" dialog, but PolicyKit prompts are similar. Notice
> that everything outside the dialog is desaturated and darker than usual.
> I would hope that web browsers don't have that level of control over the
> system's appearance (going to full-screen is the closest they could get,
> and they'd still have to reproduce a darkened form of the entire screen
> contents somehow).


That screenshot appears to be GNOME 3.  I log in with GNOME Classic so
maybe I'm experiencing something different.

The dialog I see does not have the appearance of the screenshot in that
link - you can see a screenshot attached to the bug here:

http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=25;filename=708548.png;att=1;bug=708548

and it is not modal either.  Those may be other bugs in the way this works.

I agree that having a modal dialog with a dimmed background would help;
maybe this is meant to happen but the code is not working correctly in
GNOME Classic mode?

It was also demonstrated with Windows 7 that users could be tricked by
web sites that simply dimmed the background of the browser window - so
it is not a perfect solution and I would personally prefer to see users
referred to initiate "su" or "sudo" on their own.

Another way to do this might be telling them about updates at login time
or when the screen is locked.  Those are places where the user normally
enters a password anyway.  Immediately after they enter the password,
the user could be informed about pending updates, within the same login
UI, rather than having popups appearing out of nowhere.


