[besson3c]

Sorry if this has been discussed before.

I just noticed that in Panther, when you go to delete a folder you don't have access to (in my case, I tried deleting the "pictures" folder within a completely different account - the folder had the usual red "-" through it, I could not read the folder's contents), you get a password prompt to basically sudo and perform a function that in Jaguar you wouldn't be permitted to do.

The good:

Admins don't have to deal with "you don't have permission to do this" dialogs, or have to fish around in the Finder or Terminal to chown.


The bad:

Beginners (who are admins) can really screw their systems up. Users have to really understand why they are authenticating. Viruses??


Does the good outweigh the bad here? What do you think?

[TimmyDee51]

This really isn't that much different from Jaguar's implementation, it just cuts to the chase. You still have to authenticate to delete the folder, so I think we're safe from viruses. Inexperienced users may run in to troubles, but I wouldn't think the new way would allow them to delete necessary system files, just files owned by other users. Really, that would be more a nuisance than anything else.

[CharlesS]

Originally posted by TimmyDee51:
This really isn't that much different from Jaguar's implementation, it just cuts to the chase. You still have to authenticate to delete the folder, so I think we're safe from viruses. Inexperienced users may run in to troubles, but I wouldn't think the new way would allow them to delete necessary system files, just files owned by other users. Really, that would be more a nuisance than anything else.

Can you navigate inside folders you don't have read permission for?

Can you open a write-protected file with TextEdit and then save it, entering the admin password when needed?

There would be an easy way to see if it's possible to delete necessary system files - when you're ready to install a new build, try to hose the old one first, by dragging /System to the trash.

Perhaps there could be a checkbox that could switch on and off this feature? The flag could be off by default, and the authentication dialog would only come up if it were checked on. That would probably take care of accidental file deletions by newbies.

[zerologic]

Originally posted by CharlesS:
Perhaps there could be a checkbox that could switch on and off this feature? The flag could be off by default, and the authentication dialog would only come up if it were checked on. That would probably take care of accidental file deletions by newbies.

or better yet a hidden system pref (this is NOT real):

defaults write com.apple.finder AllowPrivilegesOverride TRUE

:-D

[kennedy]

I would guess this was implemented for the admins who are adverse to Terminal... it is a pain to get some things done in Finder as an admin.

So, yes, at first glance, it would seem dangerous for inexperienced admins. However, what are the alternatives?

Admins 'sudo'ing in Terminal where they aren't comfortable an don't really know Unix too well.

OR

Admins logging in as 'root' so they can get stuff done. But then there are no warnings in the form of requests for authentication!!

Soooo, I think this feature is a very good thing for inexperienced admins.

And it is a great thing for experienced admins who are also users of the machine.

JMHO.

[moonmonkey]

Originally posted by zerologic:
or better yet a hidden system pref (this is NOT real):

defaults write com.apple.finder AllowPrivilegesOverride TRUE

:-D

it should just be a check box in the Advanced tab of finder preferences.

[Moonray]

It's not more power, just the same power more easy to access.
Some people will learn how to deal with that power by making 'bad' experiences, but sometimes there is no other way for bullheads ("I deleted this System Folder because I did not like it and did not put it there in first place and now my Mac won't start").

There is no fool proof computer and never will be, and if people push buttons without thinking they get what they deserve.

-