On Thu, Mar 30, 2006 at 12:55:22PM -0500, David Zeuthen wrote: > Indeed, the whole idea of using polkit-su have been abandoned after > discussion on on the hal list when someone from SUN and SUSE proposed a > better approach. Isn't open development great? Yes. :) > However, it's all work in progress at the point and since it's rather > complex and deals with privilege escalation I've started writing a spec > how all this is supposed to work. I'm not done yet with the spec.. but > this is how far I've got > http://webcvs.freedesktop.org/*checkout*/hal/PolicyKit/doc/spec/polkit-spec.html Okay, so no switching users at all. That looks pretty cool. I see "For details (like what user to authenticate as) see XXX" -- it'd make me very happy if XXX could include things like "for members of a given group, allow auth-as-self" (as consolehelper currently does). > and I hope at least the diagram explains what the point is. I do expect > this to be baked at some point rather soon as it's holding back hal and > gnome-mount releases :-) ... at least the difficult part of doing PAM > over D-BUS is done and I already got proof of concept work.. so.. it's > in a state of needing documentation of having a list of TODO's being > worked on. If anyone wants to help out (I'm doing this mostly in my > spare time as I'm tied up with other commitments at work) please join > the hal list and send mail. I'm interested but already horribly overcommitted. :) -- Matthew Miller mattdm@xxxxxxxxxx <http://mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/>
