Plans for revamping Kiosk and KAuthorized

Dario Freddi drf54321 at
Wed Sep 23 13:23:45 BST 2009

On Wednesday 23 September 2009 14:13:56 Oswald Buddenhagen wrote:
> On Wed, Sep 23, 2009 at 12:03:07PM +0200, Dario Freddi wrote:
> > *1. Revamp KAuthorized by using KAuth as the backend*
> > At the moment Kiosk is based upon some KConfig files.
> >
> > This is not so great when it comes to security and flexibility,
> please explain.

At the moment KConfig::global() is used. This means that authorizations can be 
easily changed by the user without hassle. Moreover, KConfig was not written 
with the scope of being an authorization database

> by changing the backend you make all existing configurations
> ineffective. a tool to migrate configs should be written.

Sure, that was implicit

> kconfig's isImmutable() may be/is used to lock down configuration
> dialogs, etc.  you can then either live with two ways to do very similar
> things, or you cover that part as well - at the cost of performance
> (mostly irrelevant) and making things more complicated to configure
> (i can't simply lock down the settings where i make them).

Uhm, can you please expand on that matter? Does isImmutable use KAuthorized or 



Dario Freddi
KDE Developer
GPG Key Signature: 511A9A3B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <>

More information about the kde-core-devel mailing list