Well, I thought of doing it this way:
If an application requests something an ordinary user isn't allowed to do without a system maintenance password, it pauses the thread which asked and pops up a window asking for the system maintenance password (either the user-specific one, if he has one, or the systemwide password).
If the user enters a correct password, the system unpauses the thread and gives him what it asked for; if not, the user will be asked again some times (with the ability to abort), and after some tries, or if the user aborted, it unpauses the thread and rejects the requested action, so there shouldn't be that many compatibility issues, as the applications don't know the action they requested is checked.
The only problem is, like you mentioned, if an application doesn't know how to handle these rejected requests. Maybe we can create a compatibility tool for it, so that we can start applications with system maintenance rights.
But something about burning: Why do we have to handle this like MS does? We can enable burning for ordinary users by default, so this problem wouldn't appear...
Greets,
David Hinz
Michael B. Trausch wrote:
On Fri, 2005-12-16 at 18:27 +0100, David Hinz wrote:
Maybe we should do it the unix/linux way, there is a root user, called administrator, he is allowed to do everything, but by default you shouldn't be able to login as administrator (the way it is on ubuntu and some other linux-distributions).
[snip]
Windows Vista starts to put in a framework for something like this, whereby if the user doesn't have admin privilege on the workstation, they receive "virtualized" copies of the system folders. It is sort of like the BSD chroot jail, but you can't alter system-wide attributes.
Also, "Administrator" is the only account that can do a lot of things. Even other designated computer administrators cannot do some of the things that the Administrator can do, such as burn CDs, without help from another set of privileges. In using the system, it's Windows, for sure, but it doesn't work the way you would expect Windows to work, and it breaks a good bit of software.
Now, mind, Windows Vista isn't released yet, so they're going to be working on addressing some of those issues (so they claim), but it's a pain in the behind. I couldn't figure out, for example, how to grant special privileges to the other computer administrators, such as the ability to use some of the control panels (Device Manager within System, being one of them). You could view the list as another computer admin, but you couldn't install drivers or any of the like without logging into the administrator account. I found that pretty annoying, since I could not find a way to grant that ability to another computer administrator.
Be careful, many applications make assumptions about how the security mechanisms work, and if they do not work in the way that is expected, they unexpectedly bail. That is also kind of annoying. Only a small handful of applications can detect that scenario and warn the user (such as Nero).
Just a heads up. :)
Later, Mike
Ros-dev mailing list Ros-dev@reactos.org http://www.reactos.org/mailman/listinfo/ros-dev
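
The prompt-and-retry flow proposed at the top of this message, modelled as an added sketch that is not code from the thread or from ReactOS: the requesting thread simply blocks inside `request()` until the password dialog yields a decision, and a rejected request gets an ordinary access-denied result. All names, the limit of three tries, and the rule that a user-specific password replaces the system-wide one are assumptions made for the illustration.

```python
import hashlib, hmac, os

MAX_TRIES = 3  # assumption: the post only says "after some tries"
ITERATIONS = 100_000

def make_record(password):
    """Store a salted PBKDF2 digest instead of the maintenance password itself."""
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def verify(record, attempt):
    salt, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", attempt.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)  # constant-time comparison

class ElevationGate:
    def __init__(self, system_record, user_records=None):
        self.system_record = system_record
        self.user_records = user_records or {}

    def request(self, user, action, prompt):
        """Run action() only after a correct password; the caller blocks meanwhile.

        prompt(user, tries_left) returns the typed password, or None on abort.
        """
        # Assumption: a user-specific password, when set, replaces the system-wide one.
        record = self.user_records.get(user, self.system_record)
        for tries_left in range(MAX_TRIES, 0, -1):
            attempt = prompt(user, tries_left)
            if attempt is None:          # user aborted the dialog
                break
            if verify(record, attempt):
                return "OK", action()
        # Same result an unprivileged request would get without any prompt.
        return "ACCESS_DENIED", None

def scripted_prompt(answers):
    """Constructed stand-in for the password window: replays canned answers."""
    it = iter(answers)
    return lambda user, tries_left: next(it, None)

if __name__ == "__main__":
    # Constructed accounts and passwords, for demonstration only.
    gate = ElevationGate(make_record("sys-secret"), {"alice": make_record("own-secret")})
    install = lambda: "driver installed"
    print(gate.request("bob", install, scripted_prompt(["typo", "sys-secret"])))
    print(gate.request("bob", install, scripted_prompt(["a", "b", "c", "sys-secret"])))
    print(gate.request("alice", install, scripted_prompt([None])))
```

Because the denial is indistinguishable from a plain unprivileged failure, applications that already handle access-denied results need no changes; those that do not are the compatibility case raised in the thread.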