Warning, /plasma/plasma-workspace/doc/PolicyKit-kde/howitworks.docbook is written in an unsupported language. File is not indexed.
0001 <chapter id="howitworks"> 0002 <title>How it works</title> 0003 0004 <sect1 id="howitworks-overview"> 0005 <title>Overview</title> 0006 0007 <para>PolicyKit has a simple way of working, but it requires some 0008 design changes from the applications that want to use it to request 0009 passwords.</para> 0010 </sect1> 0011 0012 <sect1 id="howitworks-problem"> 0013 <title>The problem</title> 0014 0015 <para>In GUI applications the common way to gain root privileges is to start 0016 it as root, but there are several security risks in doing this method and 0017 it does not allow a good actions mapping. There is no way to separate actions 0018 like package-install of system-upgrading. 0019 All the users who want to use it must have the root password. Another common 0020 approach is using sudo but once you start an application with sudo you will 0021 have all the rights the root user will have. 0022 If for example the GUI application has a dialog to select files that dialog 0023 is running as root which means that the user might be able to delete any file 0024 on his machine or even coping others user files. 0025 </para> 0026 </sect1> 0027 0028 <sect1 id="howitworks-solution"> 0029 <title>The solution</title> 0030 0031 <para>With PolicyKit this problem is solved. The application in question 0032 just need to separate the privileged code into another application, 0033 often called helper (which will not have a GUI), then maps the desired 0034 actions into a <quote>.policy</quote> file. PolicyKit then loads this file 0035 and it can now authenticate applications to use those actions. 0036 The use of &DBus; activated applications is the best if not the only, 0037 way of putting an helper application to run with root privileges.</para> 0038 0039 <para>With this design the GUI application calls an action of the helper 0040 application through &DBus;, which will start the helper with root privileges, 0041 and informing it which action was requested and which application has requested 0042 it. The helper application now calls the PolicyKit agent to see if that application 0043 can do the given task, the helper should report if it could do the requested action. 0044 In case the helper saw that the application didn't have enough rights the GUI 0045 will then need to ask PolicyKit to obtain an authorization.</para> 0046 0047 <para>When PolicyKit receives the request to obtain an authorization it issues an 0048 available Agent, which might happen to be &policykit-kde; if available. After a successful 0049 authentication the GUI application needs to call the helper repeating the 0050 same operation again.</para> 0051 </sect1> 0052 0053 </chapter>