On Wed, 2009-11-18 at 16:04 -0900, Jeff Spaleta wrote:
> And I think you missed my point. As we are learning..the hard way...
> sysadmins and spin developers can and should be encouraged to generate
> site specific policykit rules as part of hardening/softening ALL
> policykit enabled applications. We really won't be able to rip out
> all the stuff using policykit. We're gonna have to digest the fact
> that policykit is there and start dealing with it in our setups and we
> are going to need some hand holding so we can do it effectively.
> PackageKit's policy is just the beginning of the learning curve here.
> It may not be server relevant as an application.. but the underlying
> issue about checking and configuring PolicyKit settings will be server
> relevant and unavoidable at some point.

I agree, but I also agree with those who said that this issue makes it
very clear we need to have some kind of process for setting a general,
project-wide policy for what kind of policies packages should set via
PolicyKit; this needs to be handled in a joined-up way and with the
involvement of the appropriate people (i.e. the security group), not
just on an ad hoc level by individual package maintainers. This should
be something the FESCo discussion should cover, I think. We need to have
a proper definition of our desired default security posture, and proper
oversight of the implementation of this. Especially now PolicyKit usage
is becoming (rightly!) widespread.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net