Comment 17 for bug 1668321

Revision history for this message
Thomas Haller (thaller-1) wrote :

Re: #14.

NetworkManager does not trust its D-Bus clients and uses PolicyKit to check whether a certain user action is allowed or denied. NetworkManager's D-Bus API exposes these PolicyKit permissions to the client, and they are accessible via libnm (nm_client_get_permission_result()).

Maybe nm-applet could implement a restricted mode by autodetecting which parts are restricted using PolicyKit permissions. However, it doesn't. If you look at the code, the permission checks there are merely to see whether a certain GUI option should be enabled or not. The intend is to avoid exposing a UI option that is know to fail, not to protect the system from the user.

I think what I said in comment #13 is correct.