On Thu, 2009-11-19 at 10:05 -0500, Peter Jones wrote:
Mike's suggestion of a distro-wide policy is one way to do that, and on its face, it's certainly a lot more practical than a distro-wide change control board auditing for security relevant changes, or even sillier, expecting package maintainers to identify when a change has security implications and come asking what they should do. A "command" infrastructure does not fit Fedora or Linux very well.
I think the policy should be in two parts, though. Mike's suggestion is good; we need general guidelines as to what roles which classes of users are expected to fulfill. We probably also need some packaging policy for applications providing escalated privileges via PolicyKit, like we already have for setuid utilities.
I am in strong agreement here. A guiding (set of) polic{y,ies} is what is needed, to help the maintainers who have control make decisions that fit well with what the Fedora project (or individual spin) is trying to offer. We don't need more rubber stamp meetings, just better guidelines.
Should this be part of the Packaging guidelines, or a different set of design guidelines?