On Fri, 2009-02-20 at 21:54 +0100, stephane.demur...@free.fr wrote:
> Do you think all those are possible and correct, or do you see an
> alternative implementation? You have the best experience with
> GIO/GVS/Nautilus, so I guess you could come up with the best
> implementation plan, seeing the whole picture ;)

In general it's almost always a bad idea to try to guess what will happen when you start doing i/o. There are innumerable ways in which things can go in ways you didn't expect (like i/o errors, weird filesystems, race conditions with other apps, etc). The only stable and correct approach is to just "do it" and handle the errors as they come. Of course, in some cases it's also nice to check for *obvious* problems before starting the operation, like we do when checking the destination approximate space requirements before starting a copy. This is useful because it lets you terminate early instead of waiting a long time before getting an error. However you *still* need to check for and handle out of space issues in every i/o operation.

For the case of raising the privilege of the app this is a risky thing, and we don't want to risk doing that unnecessarily, so it's imho not a good idea to guess when to do this.

> Could you sketch down a couple of points of your ideal implementation,
> if it's not just a privileged helper at the GFile level? Maybe you
> thought something different since the blog post about the user
> interaction already?

I haven't really had time to think about it, but the general approach is to have a gvfs backend that accesses local files via a privileged helper. Then the nautilus file operations code would switch to using this after authentication when it detects that local file operations fail due to permission errors.

> What tears me is that it might be distribution-specific issues and
> then I'd think of the PolKit integration as some sort of hack around
> that, which is IMHO not the way forward then.

I think it's a combination. The distro should be able to mount i.e. removable media such that you get write permissions on your usb sticks or whatever. However, there are always cases where you really want a privilege increase, i.e. when you want to move around files in /etc, give another user access to your files, or whatever.
For example, it's considered a bad idea to log in to a graphical desktop as root, since that gives increased privileges to *everything* and thus you risk both malicious attacks and unintended mistakes in any app affecting everything on the system. Instead it would make sense for a sysadmin to log in as himself and only request privs for the specific operations he wants to do.

--
nautilus-list mailing list
nautilus-list@gnome.org
http://mail.gnome.org/mailman/listinfo/nautilus-list
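The approach described in the message above (attempt the operation, treat any pre-check as advisory, and consider a privileged path only after a real permission error) sketched in plain POSIX C. This is an added example, not part of the original message and not GIO or Nautilus code; `copy_file`, `classify_errno`, `obviously_too_big` and the `copy_result` values are hypothetical names.

```c
#include <errno.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/statvfs.h>
#include <unistd.h>

/* Hypothetical result codes: what the caller should do after a failed copy. */
typedef enum { COPY_OK, COPY_NEED_PRIVILEGE, COPY_NO_SPACE, COPY_IO_ERROR } copy_result;

/* Decide from the errno of a call that really failed, never from a guess made beforehand. */
copy_result classify_errno(int err) {
    if (err == EACCES || err == EPERM) return COPY_NEED_PRIVILEGE; /* offer authentication */
    if (err == ENOSPC || err == EDQUOT) return COPY_NO_SPACE;
    return COPY_IO_ERROR;
}

/* Advisory pre-check: allows an early exit, but free space can change right after it. */
static int obviously_too_big(const char *dst_dir, off_t need) {
    struct statvfs vfs;
    if (statvfs(dst_dir, &vfs) != 0) return 0;   /* cannot tell, so just try the copy */
    return (unsigned long long)need > (unsigned long long)vfs.f_bavail * vfs.f_frsize;
}

copy_result copy_file(const char *src, const char *dst_dir, const char *dst) {
    char buf[65536];
    struct stat st;
    ssize_t n = 0;
    int err = 0;
    int in = open(src, O_RDONLY);
    if (in < 0) return classify_errno(errno);
    if (fstat(in, &st) == 0 && obviously_too_big(dst_dir, st.st_size)) {
        close(in);
        return COPY_NO_SPACE;
    }
    int out = open(dst, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (out < 0) { err = errno; close(in); return classify_errno(err); }
    while (err == 0 && (n = read(in, buf, sizeof buf)) > 0) {
        for (ssize_t off = 0; off < n && err == 0; ) {
            ssize_t w = write(out, buf + off, (size_t)(n - off));
            if (w < 0) { if (errno != EINTR) err = errno; } else off += w;
        }
    }
    if (n < 0 && err == 0) err = errno;            /* the read itself failed */
    if (close(out) != 0 && err == 0) err = errno;  /* write errors can surface at close */
    close(in);
    if (err != 0) { unlink(dst); return classify_errno(err); }
    return COPY_OK;
}
```

Only a `COPY_NEED_PRIVILEGE` result, produced by an operation that actually failed, would lead the caller to ask for authentication; the space pre-check never replaces the `ENOSPC` handling in the write loop.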