Comment 18 for bug 82159
Revision history for this message
| Martin Pool (mbp) wrote Re: [Bug 82159] Re: Add a mode to landscape-client that allows it to run non-root (and with limited plugins) | #18 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
The way this is handled for OAuth for Launchpad is pretty nice,
whereby during the handshaking process you're asked if you want to
give the program readonly or write access, and whether it should be
able to see private bugs or not. Similarly for say facebook.
I realize it's not precisely technically comparable because in this
case it is the less-trusted program that's presenting the web ui, but
the way it appears to the user may be something to aim for.
Perhaps during registration you could just show a message saying something like:
Landscape will have root-level control of $machine. You can restrict
it to having read-only or limited access by editing $file on $machine
and restarting the landscape-client service.
To me, root access to my machines is relatively more trusted than my
Launchpad account and I don't really want to invert that.