@ebassi Just recently I got an issue from a user on KDE who has Reduced Motion (or similar) enabled there but our GTK app on Flatpak doesn't inherit it from KDE, only (the old option) from GNOME.
-
@sheogorath why are you even using a computer if you want to go back to a prelapsarian rural golden age?
@ebassi
I like the flickering lights on the rectangle in front of me when I push buttons. -
@ebassi I am too dumb to figure out what is sarcasm or not... What should we be using?
-
@ebassi I am too dumb to figure out what is sarcasm or not... What should we be using?
@douginamug use software that has proper separation of security domains, and uses authenticated escalation for privileged operations
-
@simoncrowe do fdisk and mkfs.* come with a GUI and about a million lines of unaudited code?
@ebassi
Fair point
-
@ebassi is there some sort of privilege-separated GUI that folk can use instead?
I tend to use a cli, but I can definitely understand how some folk feel far more comfortable running a GUI.
-
@ebassi is there some sort of privilege-separated GUI that folk can use instead?
I tend to use a cli, but I can definitely understand how some folk feel far more comfortable running a GUI.
@whynothugo anything that uses udisks should be fine, like GNOME Disks; any missing feature that gparted needs should be added to udisks.
-
@whynothugo anything that uses udisks should be fine, like GNOME Disks; any missing feature that gparted needs should be added to udisks.
@ebassi IIRC, udisks is pretty complicated to set up (and depends on polkit which can also be quite tricky). Consider that folks who need a GUI want something dead simple. Like “sudo gparted-daemon” and then “gparted-gui” on another terminal.
It also the kind of tool that is usually used quickly in some one-off scenario, not something for which one wants to dedicate lots of time setting up and configuring.
-
@ebassi IIRC, udisks is pretty complicated to set up (and depends on polkit which can also be quite tricky). Consider that folks who need a GUI want something dead simple. Like “sudo gparted-daemon” and then “gparted-gui” on another terminal.
It also the kind of tool that is usually used quickly in some one-off scenario, not something for which one wants to dedicate lots of time setting up and configuring.
@whynothugo "depends on polkit" yeah, no shit. The privilege escalation flow is a solved problem if you use the tools that the OS provides you. "Something dead simple" is not a thing, unless you want to re-implement everything that already exists and is well integrated with the rest of the OS. In short: people don't want "dead simple" as in "I have to run two binaries"; they want something that works like everything else.
-
@whynothugo "depends on polkit" yeah, no shit. The privilege escalation flow is a solved problem if you use the tools that the OS provides you. "Something dead simple" is not a thing, unless you want to re-implement everything that already exists and is well integrated with the rest of the OS. In short: people don't want "dead simple" as in "I have to run two binaries"; they want something that works like everything else.
@whynothugo in short: yes, there's some complexity, usually already dealt with by the people developing the applications and integrating your OS. The complexity is not there for shits and giggles, and it's only visible if you're taking over from those two roles above. Some computer touchers enjoy doing the integrator's job, but that's not something that actual users have to care about.
-
@ebassi I trust in the decades-proven security and reliability of Xorg on my stable extended long-term support distribution
-
@whynothugo "depends on polkit" yeah, no shit. The privilege escalation flow is a solved problem if you use the tools that the OS provides you. "Something dead simple" is not a thing, unless you want to re-implement everything that already exists and is well integrated with the rest of the OS. In short: people don't want "dead simple" as in "I have to run two binaries"; they want something that works like everything else.
@ebassi people want “dead simple" and “want something that works like everything else”. That’s why they (try to) run gparted as root.
You can just create a socket for IPC, and use group membership to control permissions. Linux, BSD and any other Unix-like support this just fine.
Perhaps polkit+udisks has some technical advantage (compared to a socket) in some specific use case, but folks will always go for convenience. Especially the kind of folks who want a GUI.
-
@ebassi people want “dead simple" and “want something that works like everything else”. That’s why they (try to) run gparted as root.
You can just create a socket for IPC, and use group membership to control permissions. Linux, BSD and any other Unix-like support this just fine.
Perhaps polkit+udisks has some technical advantage (compared to a socket) in some specific use case, but folks will always go for convenience. Especially the kind of folks who want a GUI.
@whynothugo sorry, but nothing of what you wrote is correct, or how things are supposed to work in 2025. I strongly recommend you stop hurting yourself.
-
@whynothugo sorry, but nothing of what you wrote is correct, or how things are supposed to work in 2025. I strongly recommend you stop hurting yourself.
@whynothugo an OpenBSD and Alpine user coming here and arguing for ease of use with handrolled IPC sockets instead of the proper privilege escalation API that is well integrated with desktop environments used by millions of people…
-
@whynothugo sorry, but nothing of what you wrote is correct, or how things are supposed to work in 2025. I strongly recommend you stop hurting yourself.
@ebassi stating that what I said is incorrect contributes nothing to a discussion. If you believe that a statement is incorrect, please elaborate on that.
And please refrain for insults, this has so far been a civil conversions. I have not disrespected you in any way.
-
@ebassi I trust in the decades-proven security and reliability of Xorg on my stable extended long-term support distribution
-
@tragivictoria @ebassi yes i'm the ubuntu 16.04 georg
-
@ebassi I trust in the decades-proven security and reliability of Xorg on my stable extended long-term support distribution
-
@ebassi https://m.xkcd.com/1200/
it's not like people are going to run GParted sandboxed otherwise. And it fundamentally needs access to your full disk, so not running as root is not going to buy you much security.
But yeah, you don't *have to* run it as root either, so why not run it as $USER.
-
@ebassi https://m.xkcd.com/1200/
it's not like people are going to run GParted sandboxed otherwise. And it fundamentally needs access to your full disk, so not running as root is not going to buy you much security.
But yeah, you don't *have to* run it as root either, so why not run it as $USER.
@bugaevc that XKCD strip is fundamentally flawed: installing fake software running as an admin is how people get access to all those remote services without having to physically steal the laptop.
The problem is not running gparted (or whatever application): it's running everything, from settings to random (GTK) modules, as root without your knowledge or consent. You don't know what else has root access when you run a whole ass GUI application.
-
@bugaevc that XKCD strip is fundamentally flawed: installing fake software running as an admin is how people get access to all those remote services without having to physically steal the laptop.
The problem is not running gparted (or whatever application): it's running everything, from settings to random (GTK) modules, as root without your knowledge or consent. You don't know what else has root access when you run a whole ass GUI application.
@bugaevc I've have bug reports for gdk-pixbuf being broken after the switch to sandboxed loaders because people run gparted as root and modify the environment to set themes and cursors from their user's home directory. This is the kind of insanity we allow, while going around sandboxing and hardening the underlying OS.
