Re: Prompting for passwords on the desktop?

2008-10-19 Thread Bryan Clark
In terms of User Experience I've grown to love the mac style sheet dialog [1] for password prompts. It's not often that I'll recommend a dialog, or a modal dialog for user interactions. However sheets seem to have most of the properties you want when a password is required from an application. I

Re: Prompting for passwords on the desktop?

2008-09-22 Thread Brian Cameron
Note that the Windows solution to use Ctrl+Alt+Del as a Secure Attention Key is just one way to implement Trusted Path. There is no reason that the GNOME or UNIX community couldn't come up with a different and novel way to meet the same requirements. The Secure Attention Key should be viewed as

Re: Prompting for passwords on the desktop?

2008-09-22 Thread Josselin Mouette
Le lundi 22 septembre 2008 à 16:02 +0200, Dave Neary a écrit : > > I really think the good criterion is not “has focus” but some “action > > triggered by the user less than 1 second ago”. > > That seems like it'll be overly complicating any code that gets written > to handle this. I didn’t mean

Re: Prompting for passwords on the desktop?

2008-09-22 Thread Dave Neary
Hi, Josselin Mouette wrote: > Le lundi 22 septembre 2008 à 11:54 +0200, Steve Frécinaux a écrit : >> We could have such a behaviour: >> >> - if the application requesting the password is focused, then show the >> modal dialog directly. >> - if not, then have an icon in the notification area or som

Re: Prompting for passwords on the desktop?

2008-09-22 Thread Josselin Mouette
Le lundi 22 septembre 2008 à 11:54 +0200, Steve Frécinaux a écrit : > 2008/9/18 Josselin Mouette <[EMAIL PROTECTED]>: > > One way to avoid annoying the user is to establish a line like "a > > password prompt should only pop up immediately after a user action". > > This way it appears only while you

Re: Prompting for passwords on the desktop?

2008-09-22 Thread Steve Frécinaux
2008/9/18 Josselin Mouette <[EMAIL PROTECTED]>: > One way to avoid annoying the user is to establish a line like "a > password prompt should only pop up immediately after a user action". > This way it appears only while you are expecting to type a password. > > Good behavior: you click on "send mai

Re: Prompting for passwords on the desktop?

2008-09-20 Thread Stef
Patryk Zawadzki wrote: > On Fri, Sep 19, 2008 at 12:42 PM, Gustavo J. A. M. Carneiro > <[EMAIL PROTECTED]> wrote: >> Someone who has gained a user privilege could possibly show a fake >> password input dialog that looks exactly like a "real" password prompt, >> thereby learning the root password. >

Re: Prompting for passwords on the desktop?

2008-09-20 Thread Stef
Josselin Mouette wrote: > Le jeudi 18 septembre 2008 à 18:46 +, Stef a écrit : >> Some people want it to act like gksudo. That is, make a password prompt >> desktop modal, no other windows are accessible, everything grayed out. >> >> Use case/complaint: "I was giving a presentation in front of

Re: Prompting for passwords on the desktop?

2008-09-19 Thread Patryk Zawadzki
On Fri, Sep 19, 2008 at 2:50 PM, Gustavo J. A. M. Carneiro <[EMAIL PROTECTED]> wrote: > On Fri, 2008-09-19 at 13:09 +0200, Patryk Zawadzki wrote: >> I believe the goal is to use some uncatchable keyboard sequence a'la >> Windows' secure auth (Ctrl+Alt+Del). > This is kind of silly; I have to type a

Re: Prompting for passwords on the desktop?

2008-09-19 Thread Alan Cox
> This is kind of silly; I have to type a complex keyboard combination in > order to input a password? That is annoying. Additionally, switching It makes a lot of sense in some environments and not a lot of sense in many others. > VTs in Linux is usually slow; more annoyance. Expect some resis

Re: Prompting for passwords on the desktop?

2008-09-19 Thread Gustavo J. A. M. Carneiro
On Fri, 2008-09-19 at 13:09 +0200, Patryk Zawadzki wrote: > On Fri, Sep 19, 2008 at 12:42 PM, Gustavo J. A. M. Carneiro > <[EMAIL PROTECTED]> wrote: > > Someone who has gained a user privilege could possibly show a fake > > password input dialog that looks exactly like a "real" password prompt, > >

Re: Prompting for passwords on the desktop?

2008-09-19 Thread Patryk Zawadzki
On Fri, Sep 19, 2008 at 12:42 PM, Gustavo J. A. M. Carneiro <[EMAIL PROTECTED]> wrote: > Someone who has gained a user privilege could possibly show a fake > password input dialog that looks exactly like a "real" password prompt, > thereby learning the root password. > > Same thing with VT swiching

Re: Prompting for passwords on the desktop?

2008-09-19 Thread Gustavo J. A. M. Carneiro
wOn Thu, 2008-09-18 at 22:55 -0500, Brian Cameron wrote: > Stef: > > > Is there a standard way or goal for the UI and behavior of password > > prompts on the desktop? Besides having as few as possible, that is. > > There is Trusted Path to consider. To meet Trusted Path requirements, > any entry

Re: Prompting for passwords on the desktop?

2008-09-18 Thread Brian Cameron
Stef: Is there a standard way or goal for the UI and behavior of password prompts on the desktop? Besides having as few as possible, that is. There is Trusted Path to consider. To meet Trusted Path requirements, any entry of the root password needs to be done via a trusted user. This means t

Re: Prompting for passwords on the desktop?

2008-09-18 Thread Josselin Mouette
Le jeudi 18 septembre 2008 à 18:46 +, Stef a écrit : > Some people want it to act like gksudo. That is, make a password prompt > desktop modal, no other windows are accessible, everything grayed out. > > Use case/complaint: "I was giving a presentation in front of thousands > of people. I did

Prompting for passwords on the desktop?

2008-09-18 Thread Stef
Is there a standard way or goal for the UI and behavior of password prompts on the desktop? Besides having as few as possible, that is. There are several outstanding bugs against the behavior of gnome-keyring and seahorse about password prompting. It's not difficult to code a solution, but decidin