[New: openFATE 314842] KDE control panel: local user settings only || YaST: root-level
Feature added by: Kalenz . (Kalenz) Feature #314842, revision 1 Title: KDE control panel: local user settings only || YaST: root-level openSUSE Infrastructure: Unconfirmed Priority Requester: Desirable Requested by: Kalenz . (kalenz) Partner organization: openSUSE.org Description: We should draw a clear distinction: the KDE control panel should be about the desktop environment only (local user level only), and all system (root-level) settings are YaST territory. This would mean: clean up the KDE code to remove anything that 'invades'. Moderate version: have a switch somewhere that says: "Allow access to system settings from KDE control panel (asking for root password)", switched off by default . It should be there for the benefit of KDE users familiar with these tools, not as the default thing in the face of openSUSE newcomers. Business case (Partner benefit): openSUSE.org: Having two control panels (KDE/YaST) is confusing and unsafe. Several threads in the forum address this issue, and several items on openFATE have appeared, suggesting that we "merge" the two. A historical understanding is needed: not all KDE users are on openSUSE; YaST is the central root-level control panel of openSUSE (and not only in the KDE environment). The KDE control panel started as a desktop environment settings menu, but is now growing as the KDE developers try to build an all-purpose system control panel, mainly targeted at desktop/mobile users. We can't blame the KDE folks for wanting to do this. However, in openSUSE, it creates a situation that is: * Confusing for newcomers, because there are two control panels and the distinction is blurred; * Insecure as things scale, because local-user and root settings are thrown in together. The distinction of a local-user privilege "desktop settings" control panel (i.e., KDE settings) and a super-user "system settings" control panel (i.e., YaST) is both sensible for security reasons, as it prevents light-hearted use of the root password, and helpful for newcomers, as it clearly marks the line between local and system settings. The current combination of: 1) Allowing KDE control panel to access system-level settings, displaying only the Windows-style "password to confirm" dialogue, 2) Root password = local user password by default openSUSE installation setting*, 3) "Everybody Hates Apper" --> and yet it runs by default, is dangerous and stupid. * this is not a security violation in the stricter sense, however, it fails to teach newcomers an appreciation of the meaning and importance of the "root user" on a Unix-like system (and by implication, becomes insecure). -- openSUSE Feature: https://features.opensuse.org/314842
Feature changed by: Kalenz . (Kalenz) Feature #314842, revision 2 Title: KDE control panel: local user settings only || YaST: root-level openSUSE Infrastructure: Unconfirmed Priority Requester: Desirable Requested by: Kalenz . (kalenz) Partner organization: openSUSE.org Description: We should draw a clear distinction: the KDE control panel should be about the desktop environment only (local user level only), and all system (root-level) settings are YaST territory. This would mean: clean up the KDE code to remove anything that 'invades'. Moderate version: have a switch somewhere that says: "Allow access to system settings from KDE control panel (asking for root password)", switched off by default . It should be there for the benefit of KDE users familiar with these tools, not as the default thing in the face of openSUSE newcomers. Business case (Partner benefit): openSUSE.org: Having two control panels (KDE/YaST) is confusing and unsafe. Several threads in the forum address this issue, and several items on openFATE have appeared, suggesting that we "merge" the two. A historical understanding is needed: not all KDE users are on openSUSE; YaST is the central root-level control panel of openSUSE (and not only in the KDE environment). The KDE control panel started as a desktop environment settings menu, but is now growing as the KDE developers try to build an all-purpose system control panel, mainly targeted at desktop/mobile users. We can't blame the KDE folks for wanting to do this. However, in openSUSE, it creates a situation that is: * Confusing for newcomers, because there are two control panels and the distinction is blurred; * Insecure as things scale, because local-user and root settings are thrown in together. The distinction of a local-user privilege "desktop settings" control panel (i.e., KDE settings) and a super-user "system settings" control panel (i.e., YaST) is both sensible for security reasons, as it prevents light-hearted use of the root password, and helpful for newcomers, as it clearly marks the line between local and system settings. The current combination of: 1) Allowing KDE control panel to access system-level settings, displaying only the Windows-style "password to confirm" dialogue, 2) Root password = local user password by default openSUSE installation setting*, - 3) "Everybody Hates Apper" --> and yet it runs by default, + 3) Everybody Hates Apper --> and yet it runs by default, is dangerous and stupid. * this is not a security violation in the stricter sense, however, it fails to teach newcomers an appreciation of the meaning and importance of the "root user" on a Unix-like system (and by implication, becomes insecure). -- openSUSE Feature: https://features.opensuse.org/314842
Feature changed by: vazha vandan (vazhavandan) Feature #314842, revision 4 Title: KDE control panel: local user settings only || YaST: root-level openSUSE Infrastructure: Unconfirmed Priority Requester: Desirable Requested by: Kalenz . (kalenz) Partner organization: openSUSE.org Description: We should draw a clear distinction: the KDE control panel should be about the desktop environment only (local user level only), and all system (root-level) settings are YaST territory. This would mean: clean up the KDE code to remove anything that 'invades'. Moderate version: have a switch somewhere that says: "Allow access to system settings from KDE control panel (asking for root password)", switched off by default . It should be there for the benefit of KDE users familiar with these tools, not as the default thing in the face of openSUSE newcomers. Business case (Partner benefit): openSUSE.org: Having two control panels (KDE/YaST) is confusing and unsafe. Several threads in the forum address this issue, and several items on openFATE have appeared, suggesting that we "merge" the two. A historical understanding is needed: not all KDE users are on openSUSE; YaST is the central root-level control panel of openSUSE (and not only in the KDE environment). The KDE control panel started as a desktop environment settings menu, but is now growing as the KDE developers try to build an all-purpose system control panel, mainly targeted at desktop/mobile users. We can't blame the KDE folks for wanting to do this. However, in openSUSE, it creates a situation that is: * Confusing for newcomers, because there are two control panels and the distinction is blurred; * Insecure as things scale, because local-user and root settings are thrown in together. The distinction of a local-user privilege "desktop settings" control panel (i.e., KDE settings) and a super-user "system settings" control panel (i.e., YaST) is both sensible for security reasons, as it prevents light-hearted use of the root password, and helpful for newcomers, as it clearly marks the line between local and system settings. The current combination of: 1) Allowing KDE control panel to access system-level settings, displaying only the Windows-style "password to confirm" dialogue, 2) Root password = local user password by default openSUSE installation setting*, 3) Everybody Hates Apper --> and yet it runs by default, is dangerous and stupid. * this is not a security violation in the stricter sense, however, it fails to teach newcomers an appreciation of the meaning and importance of the "root user" on a Unix-like system (and by implication, becomes insecure). + Discussion: + #1: vazha vandan (vazhavandan) (2013-02-24 16:13:09) + What do we do in case of other desktops like GNOME,LXDE,XFCE and even + E17 which is probably going to be shipped with 12.3 ? integrating YAST + with each DEs settings is going to be a huge task -- openSUSE Feature: https://features.opensuse.org/314842
Feature changed by: Kalenz . (Kalenz) Feature #314842, revision 5 Title: KDE control panel: local user settings only || YaST: root-level openSUSE Infrastructure: Unconfirmed Priority Requester: Desirable Requested by: Kalenz . (kalenz) Partner organization: openSUSE.org Description: We should draw a clear distinction: the KDE control panel should be about the desktop environment only (local user level only), and all system (root-level) settings are YaST territory. This would mean: clean up the KDE code to remove anything that 'invades'. Moderate version: have a switch somewhere that says: "Allow access to system settings from KDE control panel (asking for root password)", switched off by default . It should be there for the benefit of KDE users familiar with these tools, not as the default thing in the face of openSUSE newcomers. Business case (Partner benefit): openSUSE.org: Having two control panels (KDE/YaST) is confusing and unsafe. Several threads in the forum address this issue, and several items on openFATE have appeared, suggesting that we "merge" the two. A historical understanding is needed: not all KDE users are on openSUSE; YaST is the central root-level control panel of openSUSE (and not only in the KDE environment). The KDE control panel started as a desktop environment settings menu, but is now growing as the KDE developers try to build an all-purpose system control panel, mainly targeted at desktop/mobile users. We can't blame the KDE folks for wanting to do this. However, in openSUSE, it creates a situation that is: * Confusing for newcomers, because there are two control panels and the distinction is blurred; * Insecure as things scale, because local-user and root settings are thrown in together. The distinction of a local-user privilege "desktop settings" control panel (i.e., KDE settings) and a super-user "system settings" control panel (i.e., YaST) is both sensible for security reasons, as it prevents light-hearted use of the root password, and helpful for newcomers, as it clearly marks the line between local and system settings. The current combination of: 1) Allowing KDE control panel to access system-level settings, displaying only the Windows-style "password to confirm" dialogue, 2) Root password = local user password by default openSUSE installation setting*, 3) Everybody Hates Apper --> and yet it runs by default, is dangerous and stupid. * this is not a security violation in the stricter sense, however, it fails to teach newcomers an appreciation of the meaning and importance of the "root user" on a Unix-like system (and by implication, becomes insecure). Discussion: #1: vazha vandan (vazhavandan) (2013-02-24 16:13:09) What do we do in case of other desktops like GNOME,LXDE,XFCE and even E17 which is probably going to be shipped with 12.3 ? integrating YAST with each DEs settings is going to be a huge task + #2: Kalenz . (kalenz) (2013-03-03 17:42:42) (reply to #1) + YaST exists happily in console mode; any DE with a terminal emulator + can get to YaST. Conversely, it seems strange (and redundant) to give + any desktop environment settings interface access to root-level + configuration! + Or are you trying to tell me that openSUSE intends to drop YaST? -- openSUSE Feature: https://features.opensuse.org/314842
Feature changed by: akash vishwakarma (vish_99) Feature #314842, revision 6 Title: KDE control panel: local user settings only || YaST: root-level - openSUSE Infrastructure: Unconfirmed + openSUSE Distribution: Unconfirmed Priority Requester: Desirable + openSUSE Infrastructure: Rejected by akash vishwakarma (vish_99) + reject reason: changing product to openSUSE distribution + Priority + Requester: Desirable Requested by: Kalenz . (kalenz) Partner organization: openSUSE.org Description: We should draw a clear distinction: the KDE control panel should be about the desktop environment only (local user level only), and all system (root-level) settings are YaST territory. This would mean: clean up the KDE code to remove anything that 'invades'. Moderate version: have a switch somewhere that says: "Allow access to system settings from KDE control panel (asking for root password)", switched off by default . It should be there for the benefit of KDE users familiar with these tools, not as the default thing in the face of openSUSE newcomers. Business case (Partner benefit): openSUSE.org: Having two control panels (KDE/YaST) is confusing and unsafe. Several threads in the forum address this issue, and several items on openFATE have appeared, suggesting that we "merge" the two. A historical understanding is needed: not all KDE users are on openSUSE; YaST is the central root-level control panel of openSUSE (and not only in the KDE environment). The KDE control panel started as a desktop environment settings menu, but is now growing as the KDE developers try to build an all-purpose system control panel, mainly targeted at desktop/mobile users. We can't blame the KDE folks for wanting to do this. However, in openSUSE, it creates a situation that is: * Confusing for newcomers, because there are two control panels and the distinction is blurred; * Insecure as things scale, because local-user and root settings are thrown in together. The distinction of a local-user privilege "desktop settings" control panel (i.e., KDE settings) and a super-user "system settings" control panel (i.e., YaST) is both sensible for security reasons, as it prevents light-hearted use of the root password, and helpful for newcomers, as it clearly marks the line between local and system settings. The current combination of: 1) Allowing KDE control panel to access system-level settings, displaying only the Windows-style "password to confirm" dialogue, 2) Root password = local user password by default openSUSE installation setting*, 3) Everybody Hates Apper --> and yet it runs by default, is dangerous and stupid. * this is not a security violation in the stricter sense, however, it fails to teach newcomers an appreciation of the meaning and importance of the "root user" on a Unix-like system (and by implication, becomes insecure). Discussion: #1: vazha vandan (vazhavandan) (2013-02-24 16:13:09) What do we do in case of other desktops like GNOME,LXDE,XFCE and even E17 which is probably going to be shipped with 12.3 ? integrating YAST with each DEs settings is going to be a huge task #2: Kalenz . (kalenz) (2013-03-03 17:42:42) (reply to #1) YaST exists happily in console mode; any DE with a terminal emulator can get to YaST. Conversely, it seems strange (and redundant) to give any desktop environment settings interface access to root-level configuration! Or are you trying to tell me that openSUSE intends to drop YaST? -- openSUSE Feature: https://features.opensuse.org/314842
participants (1)
-
fate_noreply@suse.de