On Wed, 20 Oct 2004 09:13:00 +0100, Douglas Furlong <douglas.furlong@xxxxxxxxxxx> wrote: > What is wrong with a user level configuration tool, like redhat-config- > printer, gdmsetup, or any number of other things, having a link to the > system-config-securitylelevel which requires root privileges? You are still thinking single user system where the user is also the sysadmin. You have to think of a solution that makes sense in a multiuser environment, and in a multiuser environment having users see the s-c-* password dialogs come up everytime a normal user tries to start up a service that needs an open port isn't necessarily a great idea. For my home system your suggestion would work for me. But on my system at work, that sort of thing isn't so great. You could make it a bit better and add a way to configure the operating system to NOT show the s-c-* password dialogs in the multiuser case but I'm not sure I like this complexity. For any config gui that already needs administrator privledges to do its job, this idea to link to s-c-securitylevel is fine. But for vino, the subject of this thread, and which is an end-user controlled service and end-user configuration gui to setup, having any sort of link to a root password protected tool I think is not appropriate. For vino and end-user services like it, I'd much rather find a clever way for the service to try to determine if the firewall is allowing port access or not on the port that is needed, and if not to prompt the user with a message dialog to contact the system administrator concerning the firewall configuration. I do not want normal users on a multiuser system to ever be prompted for the root password if I can help it. -jef