D12795: Re-allow running Dolphin as the root user (but still not using sudo)
Nathaniel Graham
noreply at phabricator.kde.org
Sun May 20 19:38:07 BST 2018
ngraham added a subscriber: chinmoyr.
ngraham added a comment.
I've deal with a lot of criticism in my time, Martin. But I have a thick enough skin to avoid taking it personally or letting it affect my judgment. If some jerks send hate mail, that is not a good reason to say "Now I //really// won't do it!" and punishing everyone else over it.
There are indeed legitimate use cases for using a root session from time to time, IMHO. I recently experienced this myself when I was setting up a new GNOME-based RHEL build machine at work recently(and yes, it needed a GUI so we could perform UI tests on it) and the only user I had available was the root user. There was no network connection yet so there were no security implications, and also the box is behind a beefy enterprise intranet firewall. I logged in as root and made some configuration changes, no big deal. It occurred to me that if the machine was using an up-to-date KDE-based distro, this would have been annoying for no good reason. Yes: I could have done everything via the command line. Of course. But not as quickly, for many tasks. For example, I was able to configure the network settings in 15 seconds via the GUI. Via the command line, it would have taken me 15 minutes to look up the way to do it on this particular platform and version (the methods and files in question are subtly different between CentOS 5 6 and 7, and Ubuntu 12, 14, and 16). I am an IT professional, and from time to time I find myself using a root GUI session. It's not ideal, but in the real world, it does happen.
Again, I am willing to accept breaking the `sudo dolphin` use case because PolKit support is coming (hopefully soon, thanks to @chinmoyr), which does indeed represent a superior alternative. In this case, I will deal with user anger in the short term and attempt to soothe frayed nerves by promising that something better is coming.
But for the root use case, I continue to not see any harm in re-enabling this. It adds no support burdens--in fact it will remove some since we can close some Bugzilla tickets and prevent a measure of user anger). And again: it's not our jobs to make these decisions for our users. We should treat them like capable adults who can make their own decisions. "Sorry, this is too insecure, you can't do it at all" is just insulting, especially for people who understand that the barrier is a policy decisions rather than a technical impediment. This was the purpose of the proposed warning in D12732 <https://phabricator.kde.org/D12732>: not to block access, but to say, "You're on your own here, and if you get hurt, we warned you!" Intelligent adults can make their own decisions, especially if they're provided with adequate warning about the potential consequences.
REPOSITORY
R318 Dolphin
REVISION DETAIL
https://phabricator.kde.org/D12795
To: ngraham, markg, elvisangelaccio, #dolphin
Cc: chinmoyr, cfeck, elvisangelaccio, mmustac, Fuchs, markg, graesslin, nicolasfella, zzag, kfm-devel, emmanuelp, spoorun, navarromorales, isidorov, firef, andrebarros
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20180520/7967215a/attachment.htm>
More information about the kfm-devel
mailing list