<chapter id="howitworks">
<title>How it works</title>

<sect1 id="howitworks-overview">
<title>Overview</title>

<para>PolicyKit works in a simple way, but applications that want to
use it to request passwords need some design changes.</para>
</sect1>

<sect1 id="howitworks-problem">
<title>The problem</title>

<para>In GUI applications the common way to gain root privileges is to start
the application as root, but this carries several security risks and
does not allow a good mapping of actions. There is no way to separate actions
such as package-install and system-upgrading.
All the users who want to use it must have the root password. Another common
approach is using sudo, but once you start an application with sudo it
has all the rights the root user has.
If, for example, the GUI application has a dialog to select files, that dialog
is running as root, which means that the user might be able to delete any file
on the machine or even copy other users' files.
</para>
</sect1>

<sect1 id="howitworks-solution">
<title>The solution</title>

<para>With PolicyKit this problem is solved. The application in question
just needs to separate the privileged code into another application,
often called a helper (which will not have a GUI), and then map the desired
actions into a <quote>.policy</quote> file. PolicyKit then loads this file
and can authenticate applications to use those actions.
Using &DBus;-activated applications is the best, if not the only,
way of running a helper application with root privileges.</para>

<para>With this design the GUI application calls an action of the helper
application through &DBus;, which starts the helper with root privileges
and informs it which action was requested and which application requested
it. The helper application then calls the PolicyKit agent to see if that application
can do the given task, and the helper should report whether it could do the requested action.
If the helper finds that the application does not have enough rights, the GUI
then needs to ask PolicyKit to obtain an authorization.</para>

<para>When PolicyKit receives the request to obtain an authorization it invokes an
available Agent, which might happen to be &policykit-kde; if available. After a successful
authentication the GUI application needs to call the helper again, repeating the
same operation.</para>
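
<para>The following listing is an added example, not code from PolicyKit or from
this project: a toy in-process Python model of the call, refuse, authenticate
and repeat sequence described above. The class names, the action ids and the
agent callback are assumptions made for illustration, and no real D-Bus or
PolicyKit API is used.</para>

<programlisting><![CDATA[
```python
# Toy in-process model of the flow above; no real D-Bus or PolicyKit calls.
# All class names and action ids are hypothetical.

class Authority:
    """Stands in for PolicyKit: knows declared actions, records grants."""
    def __init__(self, declared_actions, agent):
        self.declared = set(declared_actions)   # contents of the .policy file
        self.agent = agent                      # callable(caller, action) -> bool
        self.grants = set()                     # (caller, action) pairs

    def check(self, caller, action):
        return action in self.declared and (caller, action) in self.grants

    def obtain(self, caller, action):
        # Only declared actions can be granted, and only via the agent.
        if action in self.declared and self.agent(caller, action):
            self.grants.add((caller, action))
            return True
        return False

class Helper:
    """Privileged, GUI-less side. It never trusts the caller's own claim."""
    def __init__(self, authority):
        self.authority = authority
        self.performed = []

    def call(self, caller, action):
        if not self.authority.check(caller, action):
            return "not-authorized"
        self.performed.append((caller, action))
        return "done"

def gui_request(helper, authority, caller, action):
    """Unprivileged side: call, obtain authorization on refusal, repeat once."""
    result = helper.call(caller, action)
    if result == "not-authorized" and authority.obtain(caller, action):
        result = helper.call(caller, action)    # same operation again
    return result

def demo():
    # Constructed scenario: the user fails to authenticate for the upgrade action.
    agent = lambda caller, action: action != "org.example.pkg.upgrade"
    authority = Authority({"org.example.pkg.install", "org.example.pkg.upgrade"}, agent)
    helper = Helper(authority)
    results = [gui_request(helper, authority, "gui-app", a) for a in (
        "org.example.pkg.install",   # authenticated, then retried
        "org.example.pkg.upgrade",   # authentication fails
        "org.example.fs.delete")]    # never declared in the .policy file
    return results, helper.performed
```
]]></programlisting>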
</sect1>

</chapter>