On Tue, 2009-12-15 at 07:58 -0200, Paulo J. S. Silva wrote: > > Yes, but that's true for any window where the user is using the default > > theme. It has nothing particularly to do with Update Manager. > > There is something *very* specific to update-manager. It is the only > application that asks my system password in an unpredicted manner. As > far as I remember all other applications that ask my password do it in > predictable moments. At least this is true for all other > administrative applications that I remember. I believe the problem stated is that of the asynchronous nature of the update manger after the Jaunty change. After this change, there is a password dialog that appears without correlation to the users actions. While we can debate the ability of the of malicious user to design a convincing counterfeit password dialog until we are blue in the face, the reality is that the unsophisticated user is unable to recognize even a crude forgery. Thus we are looking at a symptom of a larger problem. Yes, evolution among many others will ask for a password. But if the system is setup under the stated design goals, seahorse should handle all passwords of this nature. Thus we are left with an update dialog that randomly prompts a user for a password. I'm going to get flak for this, but here goes. a) Revert Lynx back to to old method of putting an update indicator back on the desktop. The advanced user, knowing these purpose of the icon, can click to install updates at their leisure. The password prompt will be synchronous, in response to the users initial click. b) AND, provide an option on logout or reboot to install updates. Keep the same options layout as normal, but add a blingy, animated button to the right of the existing options. Don't pull a MS and do the updates for them. Give them an option. When they click on on the update option, the system asks them for a password, again in a predictable responsive manner. This will handle the unsophisticated user that doesn't understand the purpose of the desktop icon which was the reason for having the pop down in the first place.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature