There's
and
Other than that, you're spot on.

Both of which are completely true. You don't need root to mount a volume. Or to reboot even if root is logged in on a terminal. You don't need root to plug in your phone or a thumb drive. It's so stupid.

And also yes, you can grab in plain text your root password.

Haven't seen a root password prompt for mounting a USB stick since forever. You probably don't need for other volumes either. But of you want to mount in /media...

That hardly has anything to do with polkit.

Seriously, I don't get what your beef is with polkit. It's just a fine-grained sudo.

Except that sudo must restart an app to escalate it, and it doesn't condition you to input your password for most things that don't need it. And lets face it, almost all linux desktops run on X. Period.

Actually you DO need root for performing all those things, and that's what policykit was created for: grant you root privileges when you need them. And I don't need to enter my root password for any of those actions you mentioned, because I gave my regular user privilege to do that by default. Check how this is done on your distro, it usually means you have to add your regular user to various groups.

How about you try that "trick" for yourself, but logged in as a DIFFERENT user than the one owning the X session? Unless you followed some stupd guide that instructed to use `xhost +` that gives everyone access to your session it will fail. So only someone already having access to your own account can do that, and a compromised account used by the administrator is basically endgame as regard to security on any OS.

I don't get such prompts either. Polkit allows for you to say things like, hey I want to run this app as root only to do these things k? So when you want to do those things as root you get the prompt, and only that part of the program gets to root permissions(like the ability to read or write a file to a location as root), that turns out to be more safer/secure than letting the whole thing run as root. In Dolphin it's only going to prompt you for things that you'd otherwise need to enter your pass for anyway(either via terminal or running an app/Dolphin as root), reading a file that's only permitted to root for example.

How would you do this in a no polkit world that you're ranting about wanting because you don't like entering your password to approve? Probably going to end up typing that password, and perhaps a few more steps in addition to that. Also if I'm not mistaken, I've seen some of these prompts with a checkbox to say not to prompt a password again after approving it(not sure if it was polkit or just a similar looking KDE dialog)... That sort of flexibility is even better :| Would also avoid typing your password for that action in future that you raise so much concern about, while keeping things more secure(not running the whole app as root, not so much the removing password approval).

News about the topic: http://blog.chinmoyrp.com/gsoc%20kde...-final-status/