Integrate high privileges in KIO and GHNS

Fri Aug 21 15:58:58 BST 2009

On Thursday 20 August 2009 5:17:36 pm Dario Freddi wrote:
> Hello list,
> 
> As you might or might not know, GSoC is over, just like my student's
>  project. Nicola has worked on a framework to elevate privileges in a
>  secure, user friendly way in KDE applications, OS and backend agnostic (it
>  uses policykit on linux, to be clear).
> 
> Nicola, as part of his project, already ported kcmodule and systemsettings
>  to support this new framework, and ported the date/time kcmodule to it.
>  You can see everything waiting to be merged in
>  branches/work/{kdelibs-kauth,kdebase- kauth}.
> 
> Now, we should be all happy to have working kcmodules as root again, and
>  this time with a secure and elegant solution, but it doesn't stop here. My
>  plan is now to make other pillars of KDE use this framework. In this mail,
>  I'm talking about KIO and GHNS.
> 
> By now, when KIO, trying to read or write on a file, finds out that it has
>  no permission to do so, it simply quits the job. I would like to integrate
>  KAuth into KIO. In this case, when trying to read a file on which the user
>  has no read permission, it would check if the user is authorized to do so,
>  eventually ask for password, and eventually perform the job.
> 
> Once done that, I would like to offer the possibility to GHNS to perform
> "single-user" installations, or "system-wide" installations using KAuth.
>  This would also allow a full port of the KDM module to the new KAuth
>  system, something I would really like to have done by 4.4.
> 
> So, by now I wanted to know if there are any strong objections or advices
>  on this. But most of all, I would like to hear from KIO/GHNS maintainers,
>  and eventually having some pointers on the amount of work required, if
>  somebody is willing to help, and whatever.

I am the ghns (knewstuff2) maintainer, and this has been requested a couple/few 
times in ghns actually.  A couple ideas have floated around for how to show 
this to the user, one is that each install button could have an option to 
install to the whole system (which would then use KAuth I presume to check if 
it could perform the action, and do it via kio). knewstuff2 downloads payloads 
into temp folder somewhere then extracts/copies the contents to where they are 
intended.

So basically, technically it should be possible, and is a feature that has 
been asked for by a few, if not many, people.  I do see this as being useful 
for school instances where each student or class or something has a separate 
login, but the teacher/administrator/whoever wants Step data files, available 
via ghns, to be installed for everyone to use or something.

Jeremy

> Small P.S.: Remember that this framework is completely flexible, hence
>  users might also be not authorized at all to perform these kind of
>  actions, making KIO act just like it does now. Everything about security
>  and per-user or per- group policies are already being taken care of by
>  KAuth (and of course by the system administrator).
> 