"Drop all elevated privileges" menu doesn't make sense

Bug #550502 reported by Matthew Paul Thomas on 2010-03-28
16
This bug affects 2 people
Affects Status Importance Assigned to Milestone
One Hundred Papercuts
Low
Unassigned
policykit-gnome
Fix Released
Medium
policykit-1-gnome (Ubuntu)
Medium
Unassigned

Bug Description

Ubuntu Lucid, all updates installed

1. Install something in Ubuntu Software Center.
2. Click on the key icon that appears in the panel.

What happens: The key is a menu containing one item, "Drop all elevated privileges".

I don't understand this, and I therefore arrogantly assume that most people won't understand it either. :-) I cannot find any explanation in the Ubuntu Help or on the Web, only these people who also don't understand it:
<http://forums.opensuse.org/applications/429061-drop-all-elevated-privileges.html>
<http://ubuntuforums.org/showthread.php?p=9041471>

Does it do anything useful? If so, it should be reworded to express its usefulness. If not, it should be removed.

Related branches

description: updated
James Westby (james-w) on 2010-03-28
affects: policykit-gnome (Ubuntu) → policykit-1-gnome (Ubuntu)
James Westby (james-w) on 2010-03-28
Changed in policykit-1-gnome (Ubuntu):
importance: Undecided → Medium
status: New → Confirmed
Vish (vish) on 2010-03-29
Changed in hundredpapercuts:
importance: Undecided → Low
status: New → Triaged
Vish (vish) wrote :
Changed in policykit-1-gnome (Ubuntu):
status: Confirmed → Triaged
Changed in hundredpapercuts:
milestone: none → maverick-round-4-potpourri
Changed in policykit-gnome:
status: Unknown → New
Roman A. Taycher (rtaycher) wrote :

I believe it basically means it drops the privileges you authenticated for. IE you probably got a password prompt recently that asked for your password to allow you to do things you might not want every user doing such as installing packages, adding/deleting users, changing time, partitioning the system, ect., when you entered your password and told them you really are user who has permission to ask to do that you gained ability to use those system privileges for now. When you drop all elevated privileges, you loose the ability to change those things unless you put in your password again.

Matthew Paul Thomas (mpt) wrote :

So, in what situations would that be useful? When would I want to lose "the ability to change those things unless you put in your password again"?

And, is there any understandable way it could be worded?

Miguel Gaspar (ghaspias) wrote :

It would be useful if, for instance:
Your child is playing, and an update manager window appears; you don't want him to install updates, so you need to provide your password for that kind of operations. But then, you don't want to be prompted for the password every time when you are doing several administrative tasks, so the system remembers for some time that you 'got hold' of super-user previleges. It will expire after a few minutes, I guess. That is indicated by the presence of the key icon in the status bar.
Now, when you are done with some administrative tasks, and your child resumes playing Tux, you'll want to discard those privileges, so he won't do anything wrong by acident. That's what the 'drop elevated privileges' means.

It probably should have a 'What is this?' option in that menu... and perhaps 'Administrative previleges' would be more familiar to window users...

One problem is: it appears when one authenticates: 'Provide your password to allow this or that'. But when one authenticates, he is doing some task (that is interrupted by that prompt), and doesn't notice the icon in the status bar. When latter he notices it, it's not easy to understand where it came from.

Changed in policykit-gnome:
importance: Unknown → Medium
Matthew Paul Thomas (mpt) wrote :

Excellent summary, thank you Miguel.

I think Ubuntu without the menu -- or any other way to discard those privileges -- would be better than Ubuntu with the menu. Gnome 3 drops it anyway, so in that respect this bug is fixed.

Better still would be to have an understandable way of controlling whether the password is remembered. One way of controlling it, ahead of time, would be to have a checkbox in the PolicyKit dialog itself.

Jeremy Bicha (jbicha) wrote :

I agree that the drop privileges indicator doesn't fit in well. Is it an annoyance to not have PolicyKit ever remember authentication after the window is closed?

From a design/security perspective, I'd like to note that sudo stays authenticated for a certain period as long as that terminal tab is open.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package policykit-1-gnome - 0.101-2ubuntu1

---------------
policykit-1-gnome (0.101-2ubuntu1) oneiric; urgency=low

  [ Mathieu Trudel-Lapierre ]
  * Merge with Debian unstable; remaining changes (LP: #777366):
    - 04-autorestart.patch: Add gnome session restart support to ensure we
      always have an authentication agent running. To be forwarded upstream.
    - 06-authentication-failure-string.patch: Improve error message displayed
      when authentication fails.
    - Tell the .desktop file for the authentication agent to auto-restart the
      agent in case of failure.
    - Use dh-autoreconf to reconfigure after applying patches, especially for
      04-autorestart.patch.
  * debian/patches/05-appindicator.patch: dropped, partly due to upstream
    dropping status icon support. This also fixes usability bug (LP: #550502).
  * debian/patches/04-autorestart.patch: refreshed to apply cleanly.

  [ Martin Pitt ]
  * debian/rules, debian/control: Build against GTK 3.

policykit-1-gnome (0.101-2) unstable; urgency=low

  * Upload to unstable.

policykit-1-gnome (0.101-1) experimental; urgency=low

  * New upstream release.
  * Update patches
    - Drop debian/patches/01-fix-autostart.patch, obsolete.
    - Drop debian/patches/03-po-pt_BR.patch, merged upstream.
    - Refresh debian/patches/02-select-default-user.patch to apply cleanly.
  * Switch from cdbs to dh.
  * Bump debhelper compatibility level to 8.
  * Install documentation using debian/policykit-1-gnome.docs.
  * Ship a copy of the old autostart file for the PolicyKit authentication
    agent. It was removed upstream in preparation for GNOME3 which starts its
    own authentication agent.

policykit-1-gnome (0.99-2) unstable; urgency=low

  [ Robert Ancell ]
  * Drop 03-dialog-focus.patch. PolicyKit does not allow non-root applications
    to set details (LP: #685655)

  [ Michael Biebl ]
  * Upload to unstable.
 -- Mathieu Trudel-Lapierre <email address hidden> Mon, 16 May 2011 15:15:29 +0200

Changed in policykit-1-gnome (Ubuntu):
status: Triaged → Fix Released
Martin Pitt (pitti) on 2011-05-16
Changed in hundredpapercuts:
status: Triaged → Fix Released
Changed in policykit-gnome:
status: New → Fix Released
Marcus Haslam (marcus-haslam) wrote :

I'm out of the office until 1st August.

On 16 May 2011, at 20:33, Bug Watch Updater
<email address hidden> wrote:

> ** Changed in: policykit-gnome
>       Status: New => Fix Released
>
> --
> You received this bug notification because you are a member of
> Papercutters, which is subscribed to One Hundred Paper Cuts.
> https://bugs.launchpad.net/bugs/550502
>
> Title:
>  "Drop all elevated privileges" menu doesn't make sense
>
> Status in One Hundred Paper Cuts:
>  Fix Released
> Status in policykit-gnome:
>  Fix Released
> Status in “policykit-1-gnome” package in Ubuntu:
>  Fix Released
>
> Bug description:
>  Ubuntu Lucid, all updates installed
>
>  1. Install something in Ubuntu Software Center.
>  2. Click on the key icon that appears in the panel.
>
>  What happens: The key is a menu containing one item, "Drop all
>  elevated privileges".
>
>  I don't understand this, and I therefore arrogantly assume that
> most people won't understand it either. :-) I cannot find any
> explanation in the Ubuntu Help or on the Web, only these people who
> also don't understand it:
>  <http://forums.opensuse.org/applications/429061-drop-all-elevated-privileges.html
> >
>  <http://ubuntuforums.org/showthread.php?p=9041471>
>
>  Does it do anything useful? If so, it should be reworded to express
>  its usefulness. If not, it should be removed.

I'm out of the office until 1st August.

On 16 May 2011, at 15:12, Launchpad Bug Tracker <<email address hidden>
 > wrote:

> ** Branch linked: lp:ubuntu/policykit-1-gnome
>
> --
> You received this bug notification because you are a member of
> Papercutters, which is subscribed to One Hundred Paper Cuts.
> https://bugs.launchpad.net/bugs/550502
>
> Title:
>  "Drop all elevated privileges" menu doesn't make sense
>
> Status in One Hundred Paper Cuts:
>  Fix Released
> Status in policykit-gnome:
>  New
> Status in “policykit-1-gnome” package in Ubuntu:
>  Fix Released
>
> Bug description:
>  Ubuntu Lucid, all updates installed
>
>  1. Install something in Ubuntu Software Center.
>  2. Click on the key icon that appears in the panel.
>
>  What happens: The key is a menu containing one item, "Drop all
>  elevated privileges".
>
>  I don't understand this, and I therefore arrogantly assume that
> most people won't understand it either. :-) I cannot find any
> explanation in the Ubuntu Help or on the Web, only these people who
> also don't understand it:
>  <http://forums.opensuse.org/applications/429061-drop-all-elevated-privileges.html
> >
>  <http://ubuntuforums.org/showthread.php?p=9041471>
>
>  Does it do anything useful? If so, it should be reworded to express
>  its usefulness. If not, it should be removed.

Marcus Haslam (marcus-haslam) wrote :
Download full text (3.4 KiB)

I'm out of the office until 1st August.

On 16 May 2011, at 14:20, Launchpad Bug Tracker <<email address hidden>
 > wrote:

> This bug was fixed in the package policykit-1-gnome - 0.101-2ubuntu1
>
> ---------------
> policykit-1-gnome (0.101-2ubuntu1) oneiric; urgency=low
>
>  [ Mathieu Trudel-Lapierre ]
>  * Merge with Debian unstable; remaining changes (LP: #777366):
>    - 04-autorestart.patch: Add gnome session restart support to
> ensure we
>      always have an authentication agent running. To be forwarded
> upstream.
>    - 06-authentication-failure-string.patch: Improve error message
> displayed
>      when authentication fails.
>    - Tell the .desktop file for the authentication agent to auto-
> restart the
>      agent in case of failure.
>    - Use dh-autoreconf to reconfigure after applying patches,
> especially for
>      04-autorestart.patch.
>  * debian/patches/05-appindicator.patch: dropped, partly due to
> upstream
>    dropping status icon support. This also fixes usability bug (LP:
> #550502).
>  * debian/patches/04-autorestart.patch: refreshed to apply cleanly.
>
>  [ Martin Pitt ]
>  * debian/rules, debian/control: Build against GTK 3.
>
> policykit-1-gnome (0.101-2) unstable; urgency=low
>
>  * Upload to unstable.
>
> policykit-1-gnome (0.101-1) experimental; urgency=low
>
>  * New upstream release.
>  * Update patches
>    - Drop debian/patches/01-fix-autostart.patch, obsolete.
>    - Drop debian/patches/03-po-pt_BR.patch, merged upstream.
>    - Refresh debian/patches/02-select-default-user.patch to apply
> cleanly.
>  * Switch from cdbs to dh.
>  * Bump debhelper compatibility level to 8.
>  * Install documentation using debian/policykit-1-gnome.docs.
>  * Ship a copy of the old autostart file for the PolicyKit
> authentication
>    agent. It was removed upstream in preparation for GNOME3 which
> starts its
>    own authentication agent.
>
> policykit-1-gnome (0.99-2) unstable; urgency=low
>
>  [ Robert Ancell ]
>  * Drop 03-dialog-focus.patch. PolicyKit does not allow non-root
> applications
>    to set details (LP: #685655)
>
>  [ Michael Biebl ]
>  * Upload to unstable.
> -- Mathieu Trudel-Lapierre <email address hidden>   Mon, 16 May
> 2011 15:15:29 +0200
>
> ** Changed in: policykit-1-gnome (Ubuntu)
>       Status: Triaged => Fix Released
>
> --
> You received this bug notification because you are a member of
> Papercutters, which is subscribed to One Hundred Paper Cuts.
> https://bugs.launchpad.net/bugs/550502
>
> Title:
>  "Drop all elevated privileges" menu doesn't make sense
>
> Status in One Hundred Paper Cuts:
>  Fix Released
> Status in policykit-gnome:
>  New
> Status in “policykit-1-gnome” package in Ubuntu:
>  Fix Released
>
> Bug description:
>  Ubuntu Lucid, all updates installed
>
>  1. Install something in Ubuntu Software Center.
>  2. Click on the key icon that appears in the panel.
>
>  What happens: The key is a menu containing one item, "Drop all
>  elevated privileges".
>
>  I don't understand this, and I therefore arrogantly assume that
> most people won't understand it either. :-) I cannot find any
> explanation in the Ubuntu Help or on the Web, only these pe...

Read more...

Marcus Haslam (marcus-haslam) wrote :

I'm out of the office until 1st August.

On 5 May 2011, at 17:41, Launchpad Bug Tracker <<email address hidden>
 > wrote:

> ** Branch linked: lp:~mathieu-tl/policykit-1-gnome/merge-
> debian-0.101-2
>
> --
> You received this bug notification because you are a member of
> Papercutters, which is subscribed to One Hundred Paper Cuts.
> https://bugs.launchpad.net/bugs/550502
>
> Title:
>  "Drop all elevated privileges" menu doesn't make sense
>
> Status in One Hundred Paper Cuts:
>  Triaged
> Status in policykit-gnome:
>  New
> Status in “policykit-1-gnome” package in Ubuntu:
>  Triaged
>
> Bug description:
>  Ubuntu Lucid, all updates installed
>
>  1. Install something in Ubuntu Software Center.
>  2. Click on the key icon that appears in the panel.
>
>  What happens: The key is a menu containing one item, "Drop all
>  elevated privileges".
>
>  I don't understand this, and I therefore arrogantly assume that
> most people won't understand it either. :-) I cannot find any
> explanation in the Ubuntu Help or on the Web, only these people who
> also don't understand it:
>  <http://forums.opensuse.org/applications/429061-drop-all-elevated-privileges.html
> >
>  <http://ubuntuforums.org/showthread.php?p=9041471>
>
>  Does it do anything useful? If so, it should be reworded to express
>  its usefulness. If not, it should be removed.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.