First of all, I just realized one thing the current implementation
breaks w.r.t. what we decided on IRC when we first discussed the Unsafe
Browser: the default button in the "really start unsafe browser"-dialog
is "Yes", not "No" as we decided.
I was quite shocked to now realize that zenity doesn't have an option to
change that (like xdialog's --default-no IIRC). The only workaround I
can think of is to set the text on the "Yes" button to "No" and vice
versa (and negate the return value), but that switches the normal Gnome
order of the Yes/No buttons :/.
If neither of these are acceptable, what could I use instead of zenity?
Quoting intrigeri from #tails:
> (17:18:33) intrigeri: anonym: I thought one part of the consensus we
reached was to put the "unsafe browser" in the System -> Administration
menu, and not in the Internet applications one, but I haven't the irc
log anymore.
I can't recall this decision. Any way, I wonder if it is a good idea as
I'm sure it will just make it hard for users to find it, even if they've
read the documentation and know the risks etc. It is a pretty strange
place for it to be placed in and hence hard to remember. Besides, I
don't think we need to take any further steps to make it even more
inaccessible. Starting it *and* using it in a compromising way by
mistake shouldn't be an issue except for truly clueless users, which are
lost cause any way.
> (17:20:58) intrigeri: anonym: The "(as superuser)" title on the
warning dialog looks weird. Hard to fix?
This is a Gnome feature which apparently confuses users:
http://blogs.gnome.org/metacity/2010/02/08/as-superuser-considered-harmful/
http://blogs.gnome.org/metacity/2010/02/09/bug-of-the-day-hiding-as-superuser/
The solution they present is not possible in zenity, but I fixed it by
sudo:ing back to ${SUDO_USER}.
> (17:23:06) intrigeri: anonym: Suggestion: s/in order to/to/
Sure.
> (17:23:40) intrigeri: Hmmm, looks like I can't run it a second time
after closing it.
> (17:23:44) intrigeri: Trying again.
> (17:40:38) intrigeri: anonym: I would find it much more user-friendly
if, when running the unsafe browser quickly after closing it, I was told
something like "Another Unsafe Browser is currently running, or being
cleaned up. Please retry in a while.", instead of low-level message like
"Failed to setup chroot".
> (17:41:57) intrigeri: anonym: maybe use flock or lckdo?
Good idea, thanks! It uses flock now.
(17:42:46) intrigeri: anonym: I think none of this is RC, but if some
are easy to quickly fix, I would find it great if it was done. Else,
they need to be listed somewhere useful for the future.
Now they're on the ml but everything is already fixed, except for the
menu placement. Once we've reached a consensus on that, it's done.
(17:47:24) intrigeri: anonym: I'm afraid the unsafe browser new feature
will be a serious problem for an existing usecase of ours; I've
therefore created
https://tails.boum.org/todo/kiosk_mode/
Ok. To be continued once we've thought that one through then.
Cheers!
