On Wed, Apr 5, 2017 at 6:01 PM, Adam Williamson
On Wed, 2017-04-05 at 17:32 -0600, Chris Murphy wrote:
> On Wed, Apr 5, 2017 at 3:14 PM, Adam Williamson
> <adamwill(a)fedoraproject.org> wrote:
> > On Sun, 2017-04-02 at 09:44 -0500, Michael Catanzaro wrote:
> > > Also: being able to install without authentication but not delete
> > > matches our behavior for system packages. I think it's silly to allow
> > > users to install stuff but not to remove it, but that's our status
> > I thought the intent was that you should need admin privileges to do
> > either. The only thing regular users are supposed to be allowed to do
> > without admin privileges is *update* the system, though since that now
> > requires a system reboot, I'm not sure even that should be allowed
> > without auth any more.
> I want to see the OS and apps updated on a regular basis, by default,
> no user intervention. Just do it. I've tacitly given permission for
> this by installing Fedora already. It should be one of its
> responsibilities. Like cleaning up /var/tmp.
Well, it's about rebooting the system, not installing the updates.
Inhibit reboot if another user is logged in; disallow non-admins from
forcibly logging those users out.
Otherwise, on a *workstation* there's no good reason to prevent a
normal user from suspend, reboot, or shutdown. Of course a server is
> Android phone, I can install an application and not be asked to
> authenticate anything beyond the lock screen.
But Android phones generally aren't multi-user devices. I'm only
talking about *non-admin* users, here. On a single-user system, the
single user is likely going to be an admin.
Since forever, macOS has had ~/Applications where a non-admin user can
install applications without authentication. Drag and drop. Done. Yes
non-admins can reboot the computer, and shutdown, and put it to sleep.
Android does application autoupdates without asking me, by default.
They happen whenever plugged into a charger. Thanks for not bugging me
about routine things like this.
Also, this reference has some interesting points about Android
* Each user gets a workspace to install and place apps.
* Any user can affect the installed apps for all users. ## not sure
what affect means, may not mean remove
My understanding of how a secondary user installs an already installed
application is that it's basically creating a link; it's not literally
downloading another copy of the binary and installing it.
Meanwhile on Windows with non-admin users, they're totally stuck. They
have an inept admin, who lets them have 6 month old or older web
browsers? They're fakaked. They can't update it. They can't replace
it. They can't use a substitute. Proven failure when it comes to
keeping things up to date.