Plans for revamping Kiosk and KAuthorized
Dario Freddi
drf54321 at gmail.com
Wed Sep 23 13:23:45 BST 2009
On Wednesday 23 September 2009 14:13:56 Oswald Buddenhagen wrote:
> On Wed, Sep 23, 2009 at 12:03:07PM +0200, Dario Freddi wrote:
> > *1. Revamp KAuthorized by using KAuth as the backend*
> > At the moment Kiosk is based upon some KConfig files.
> >
> > This is not so great when it comes to security and flexibility,
>
> please explain.
At the moment KConfig::global() is used. This means that authorizations can be
easily changed by the user without hassle. Moreover, KConfig was not written
with the scope of being an authorization database
>
> by changing the backend you make all existing configurations
> ineffective. a tool to migrate configs should be written.
Sure, that was implicit
>
> kconfig's isImmutable() may be/is used to lock down configuration
> dialogs, etc. you can then either live with two ways to do very similar
> things, or you cover that part as well - at the cost of performance
> (mostly irrelevant) and making things more complicated to configure
> (i can't simply lock down the settings where i make them).
Uhm, can you please expand on that matter? Does isImmutable use KAuthorized or
something?
>
--
-------------------
Dario Freddi
KDE Developer
GPG Key Signature: 511A9A3B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20090923/c8469f91/attachment.sig>
More information about the kde-core-devel
mailing list