2009/11/19 Richard Hughes hughsient@gmail.com
So if I pick "personal desktop", the change you made makes sense. If on the other hand, I choose "workstation" profile, I would obviously need a more locked down profile.
Surely if you're deploying a workstation (1000s of workstations?) you would just ship an extra package that set the PolicyKit policies according to the domain policy, so if I was a school, I would allow the active users to unplug removable drives, but not detach physical drives. I would also stop them installing and upgrading (not even give them the option to enter a root password) and also lock down who can change the clock. I would also prevent them from installing debuginfo files and being able to set their audio system to real-time priority.
The real argument is what set of users upstream software should target. There's an argument for upstream to default to "no" for all actions and for the admin to install a policy for "desktop", "workstation" etc, but then there's just the related problem of what policy package to choose by default for "Fedora".
Why not choose them all?
What about having packaged policy profiles?
policykit-profile-i-am-paranoid
policykit-profile-server
policykit-profile-controlled-deployment
policykit-profile-personal-desktop
In the live CD, install the last one by default; on the DVD, choose the server option. Either way, since it is a packaged profile, all someone will need to do to change to a different one is replace the RPM package with something appropriate.
In this case, I do not think it is an either/or situation.