Mailinglist Archive: opensuse-features (93 mails)

< Previous Next >
[New: openFATE 314842] KDE control panel: local user settings only || YaST: root-level
Feature added by: Kalenz . (Kalenz)

Feature #314842, revision 1
Title: KDE control panel: local user settings only || YaST: root-level

openSUSE Infrastructure: Unconfirmed
Requester: Desirable

Requested by: Kalenz . (kalenz)
Partner organization:

We should draw a clear distinction: the KDE control panel should be about the
desktop environment only (local user level only), and all system (root-level)
settings are YaST territory. This would mean: clean up the KDE code to remove
anything that 'invades'.

Moderate version: have a switch somewhere that says: "Allow access to system
settings from KDE control panel (asking for root password)", switched off by
default . It should be there for the benefit of KDE users familiar with these
tools, not as the default thing in the face of openSUSE newcomers.

Business case (Partner benefit): Having two control panels (KDE/YaST) is confusing and unsafe.

Several threads in the forum address this issue, and several items on openFATE
have appeared, suggesting that we "merge" the two. A historical understanding
is needed: not all KDE users are on openSUSE; YaST is the central root-level
control panel of openSUSE (and not only in the KDE environment). The KDE
control panel started as a desktop environment settings menu, but is now
growing as the KDE developers try to build an all-purpose system control panel,
mainly targeted at desktop/mobile users.

We can't blame the KDE folks for wanting to do this. However, in openSUSE, it
creates a situation that is:

* Confusing for newcomers, because there are two control panels and the
distinction is blurred;
* Insecure as things scale, because local-user and root settings are thrown in

The distinction of a local-user privilege "desktop settings" control panel
(i.e., KDE settings) and a super-user "system settings" control panel (i.e.,
YaST) is both sensible for security reasons, as it prevents light-hearted use
of the root password, and helpful for newcomers, as it clearly marks the line
between local and system settings.

The current combination of:

1) Allowing KDE control panel to access system-level settings, displaying only
the Windows-style "password to confirm" dialogue,
2) Root password = local user password by default openSUSE installation
3) "Everybody Hates Apper" --> and yet it runs by default,

is dangerous and stupid.

* this is not a security violation in the stricter sense, however, it fails to
teach newcomers an appreciation of the meaning and importance of the "root
user" on a Unix-like system (and by implication, becomes insecure).

openSUSE Feature:

< Previous Next >
List Navigation
This Thread
  • No further messages