Mailinglist Archive: opensuse-features (93 mails)

< Previous Next >
[openFATE 314842] KDE control panel: local user settings only || YaST: root-level
Feature changed by: Kalenz . (Kalenz)
Feature #314842, revision 2
Title: KDE control panel: local user settings only || YaST: root-level

openSUSE Infrastructure: Unconfirmed
Requester: Desirable

Requested by: Kalenz . (kalenz)
Partner organization:

We should draw a clear distinction: the KDE control panel should be
about the desktop environment only (local user level only), and all
system (root-level) settings are YaST territory. This would mean: clean
up the KDE code to remove anything that 'invades'.
Moderate version: have a switch somewhere that says: "Allow access to
system settings from KDE control panel (asking for root password)",
switched off by default . It should be there for the benefit of KDE
users familiar with these tools, not as the default thing in the face
of openSUSE newcomers.

Business case (Partner benefit): Having two control panels (KDE/YaST) is confusing and
Several threads in the forum address this issue, and several items on
openFATE have appeared, suggesting that we "merge" the two. A
historical understanding is needed: not all KDE users are on openSUSE;
YaST is the central root-level control panel of openSUSE (and not only
in the KDE environment). The KDE control panel started as a desktop
environment settings menu, but is now growing as the KDE developers try
to build an all-purpose system control panel, mainly targeted at
desktop/mobile users.
We can't blame the KDE folks for wanting to do this. However, in
openSUSE, it creates a situation that is:
* Confusing for newcomers, because there are two control panels and the
distinction is blurred;
* Insecure as things scale, because local-user and root settings are
thrown in together.
The distinction of a local-user privilege "desktop settings" control
panel (i.e., KDE settings) and a super-user "system settings" control
panel (i.e., YaST) is both sensible for security reasons, as it
prevents light-hearted use of the root password, and helpful for
newcomers, as it clearly marks the line between local and system
The current combination of:
1) Allowing KDE control panel to access system-level settings,
displaying only the Windows-style "password to confirm" dialogue,
2) Root password = local user password by default openSUSE installation
- 3) "Everybody Hates Apper" --> and yet it runs by default,
+ 3) Everybody Hates Apper --> and yet it runs by default,
is dangerous and stupid.
* this is not a security violation in the stricter sense, however, it
fails to teach newcomers an appreciation of the meaning and importance
of the "root user" on a Unix-like system (and by implication, becomes

openSUSE Feature:

< Previous Next >
List Navigation
This Thread
  • No further messages