On 11/18/2009 01:19 PM, Konstantin Ryabitsev wrote:
I may be wrong, but I understand that this behaviour of PackageKit
only applies to users with direct console access (i.e. not remote
shells). So, only users that are logged in via GDM or TTY would be
able to perform such tasks.
That's a silly thing to imply we can control. Just because firefox is running on a
local console doesn't mean that a vulnerability therein has not allowed it to be
ultimately controlled from elsewhere.
--CJD