Comment # 3 on bug 1202042 from Andreas Stieger

Michael, if the screening team got it wrong the first time, I think instead of
moving it back to screening it would be better to move it to a better fitting
bug handler. With some added value. Otherwise we are stuck at step 0 and
haven't done anything for the user.

Marcus (polkit maintainer, security team), I believe the user is suggesting an
improved user experience. In this case the example is a font installer that
requests access to a disk, which seems to be very generic.

I understand the enhancement request as follows:

1. More details shown in the dialog. I believe there is a details triangle to
expand. Since the application determines the privileges, we could improve this
via packaging policies or audit recommendations.

2. Some form of trust advisory based on a reputation system. I do not think
that this is in line with the overall distribution philosophy: The distribution
assumes that the software itself is trustworthy, and that users actually intend
to use the software in question. We want to make the user make informed
decisions without having to be root all the time, not protect them from
randomly downloaded software. I believe most of this can be covered by getting
the user used to very informative policykit prompts via #1, so #2 becomes
unnecessary.

Marcus, how do you think this should be progressed?