On 6/4/20 11:37 AM, Adam Williamson wrote: > On Thu, 2020-06-04 at 11:32 -0700, Samuel Sieb wrote: >> On 6/4/20 9:52 AM, Michael Catanzaro wrote: >>> I don't think we actually have the technical capability to ship it >>> in >>> live media without also installing it by default on the installed >>> system. >>> >>> It currently has to run as root, which is not acceptable, so would >>> require some work to split out privileged operations into a >>> separate >>> backend process and use polkit for authentication. I think it would >>> make >>> more sense to focus on improving Disks to do what you need rather >>> than >>> rewriting GParted. >> As far as I can tell, it's already using polkit. It asks for >> authentication before running. On the live image, the user doesn't >> have >> a password, so you might not see the dialog. (There was a bug with >> that >> previously.) > Well, it does actually use polkit, but it doesn't do the important > thing - it just uses polkit to authorize running *the entire app* as > root. The /usr/bin/gparted wrapper is more or less functionally > equivalent to just doing 'sudo gpartedbin'. The way this is 'supposed > to be done' is that the app would run as a regular user, and use polkit > to authorize only running the *specific operations* that require root > privileges as root. Interestingly enough, this is the way partitionmanager (a KDE app) works. I'll be sure to dodge the KDE hate. ---- Erich Eickmeyer Fedora Jam _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
