Explain how to set an administration password instead of asking for one when none is set
When the user tries to perform an administration task (mounting internal disks, installing packages, etc.) she is asked for the administration password which might not have been set.
So she’s asked a question that has no possible answer. She needs to go find in the the documentation the relevant section to understand what this weird behavior is about.
We shouldn’t ask for a password that doesn’t exist.
Instead of displaying a password prompt, we could display a message explaining that this feature is not available unless you set up an administration password when starting Tails (and this for security reasons). This would:
- Allow for learnability of what the administration is used for and how
to set it.
- Fix this problem for all administration tasks
- Match the mental model of advanced users
We now need to investigate how this is possible to do.
For example, in the case of mounting local disks. Here is the discussion which lead to this idea:
I am using Tails DVD burnt on a DVDRW without administrator privileges.
Even though I have no access by default, it seems to the local hard drive its presence is shown in both Nautilus file manager and Disk Utility.
From the point of view of security (should there ever be a successful, malicious hacking attack) is it possible and advisable to hide their presence under Devices in file manager and thence eliminate the need for the superuser authentication dialog box?
In Disk Utility the hard drive is also shown under Local Storage with many disk functions such as Mount, Format Volume, Check Filesystem, Edit Filesystem Label, Edit Partition, Delete Partition shown. Not sure if these are available without the disk being mounted and have not been game to click on them to see. The buttons do however change when highlighted with the mouse giving the impression that they are active and accessible. Only tried Mount Volume with the expected authentication window being shown.
For the same reason as above (safety, security and reassurance) is it possible to hide the hard drive whilst in non admin boot since if the functions are not activated in this mode and only available when booting as an administrator with the local drive/s mounted there seems little sense and logic in displaying them. If a user wanted to view the status of their local hard drives and use these functions then it is simple enough for him/her to reboot with admin privileges to have access to them.
Related issues
- Related to #11013 (closed)
- Related to #15830
Original created by @tailor on 9554 (Redmine)