[rfc][icedtea-web] Enhanced signed app's messages

Andrew Azores aazores at redhat.com
Fri Dec 6 08:29:14 PST 2013


On 12/06/2013 11:19 AM, Jacob Wisor wrote:
> Andrew Azores schrieb:
>> On 12/05/2013 04:26 AM, Jiri Vanek wrote:
>>> On 12/04/2013 07:56 PM, Andrew Azores wrote:
>>>> On 12/04/2013 01:34 PM, Jacob Wisor wrote:
>>>>> Hello!
>>>>>
>>>>> Jiri Vanek wrote:
>>>>> > As Andy suggested, what about these messages?
>>>>> > If it will pass, I would like to push it to 1.4 too.
>>>>>
>>>>> > +SSigUnverified=The application's digital signature cannot be 
>>>>> verified. Do you
>>>>> > want to run the application, and so grant to this application 
>>>>> unrestricted
>>>>> > access to your computer?
>>>>> > +SSigVerified=The application's digital signature has been 
>>>>> verified. Do you
>>>>> > want to run the application, and so grant to this application 
>>>>> unrestricted
>>>>> > access to your computer?
>>>>> > +SSignatureError=The application's digital signature has an 
>>>>> error. Do you want
>>>>> > to run the application, and so grant to this application 
>>>>> unrestricted access
>>>>> > to your computer?
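Review bot: SSigVerified and SSigUnverified differ only in "has been verified" versus "cannot be verified" and then ask the identical question, so a user skimming the dialog gets almost no cue that the unverified and error cases carry a different risk than the verified one; consider having those two messages state the consequence before the question, e.g. "The application's digital signature cannot be verified, so its publisher is unknown." and "The application's digital signature has an error, so the application may have been altered.", and keeping the shared question in a single reusable string so the three entries cannot drift apart in later edits.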
>>>>>
>>>>> Hmm, "unrestricted access" sounds scary
>>>
>>> considering the original email of Andy, it is exactly what it should 
>>> sound like.
>>> Considering the user *does* read, they can more easily understand 
>>> "unrestricted access" than "application is fully signed". If we want 
>>> to add a "run in sandbox" button soon, or list individual requested 
>>> permissions, then I still believe this message is a step in the right 
>>> direction.
>>>
>>> I was trying to transform the message a bit, but all I got was less 
>>> clear, too long, or more wrong.
>>>
>>> So I still would like to push these messages, unless some better 
>>> versions appear.
>>
>> I'll suggest this alternate wording for your consideration:
>>
>> "The application's digital signature cannot be verified. Do you want 
>> to run the application? It will be granted unrestricted access to 
>> your computer."
>
> Reads promising, but I am still uncomfortable with "unrestricted 
> access to your computer". Since operating systems employ multi-user 
> access and access rights this statement is simply not true per se. I 
> am well aware that the average user may not know the difference, but 
> for better or worse today's operating systems did get complicated. 
> Thus, I do believe it is better to tell the user the technical truth 
> rather than covering it up with cloudy terms or just scaring the user 
> away: If you don't know it, you better not touch it. Yes indeed, for 
> most of life this is the motto anyone should operate under, but we got 
> to have at least some faith in the user's common sense. Users should 
> rather be enabled to understand that there are always risks involved 
> using computers and software, not just be scared off. Users should be 
> given a risk ratio at hand so that /they/ can decide whether they want 
> to take upon this risk or not.
> Long story short, I do not have a wording to suggest, but I am sure 
> Andrew is wise and skilled enough to come up with a good one. ;-)
>
> Jacob

s/computer/data/ ... then it is true, is it not? Since "your data" would 
imply anything on the computer that "you" (your UID) has access to. If 
you happen to be root, then "your data" == "the computer", essentially. 
If we want to provide an in-depth explanation to the user of how 
multi-user operating systems provide protection through filesystem 
permissions and ACLs, and what the "AllPermissions" permission signifies 
in this context, then it should at least be put somewhere else, rather 
than in this brief warning label.

Thanks,

-- 
Andrew A