Fedora 22 update security
Nethaji
ucbtnth at live.ucl.ac.uk
Wed May 13 13:30:55 UTC 2015
Hi Michael,
Many thanks for the update and a fix. I hope that adding a rule would
work.
As Matthew mentioned it will be nice to keep the policy to root or
system admin only even if it is cryptographically signed by Fedora.
Thanks
Nethaji
On Wed, 2015-05-13 at 09:11 -0400, Josh Boyer wrote:
> On Wed, May 13, 2015 at 9:07 AM, Matthew Miller
> <mattdm at fedoraproject.org> wrote:
> > On Wed, May 13, 2015 at 07:49:34AM -0500, Michael Catanzaro wrote:
> >> Actually, sorry, Matthew and I were wrong. We do allow unprivileged
> >> users to run software updates (provided all of the updates are
> >> cryptographically signed by Fedora). You can configure this behavior
> >> manually by creating a file in /etc/polkit-1/rules.d with the following
> >> contents (untested, should work):
> >
> > Huh. Last time this came up in FESCo, I thought the decision was to
> > keep the policy as it had been (passwordless updates for admin users
> > only).
>
> Yes, I agree. We really need to change it back to that if Software
> (or anything else) is not in compliance.
>
> josh
More information about the desktop
mailing list