Fedora 22 update security
Michael Catanzaro
mcatanzaro at gnome.org
Wed May 13 14:07:27 UTC 2015
On Wed, 2015-05-13 at 09:34 -0400, Matthew Miller wrote:
> For reference, here is the policy
> <https://fedoraproject.org/wiki/Privilege_escalation_policy>
The policy prohibits unprivileged users from downgrading packages
(which could undo security patches) but not from upgrading packages,
except it does prohibit upgrades from one Fedora release to the next.
Still, we can be stricter than the policy requires if we want to be:
mcatanzaro: Anyway I think it's OK to require authentication to
install updates, because on multiuser systems it's legit to expect the
admin to install updates, and on single-user systems the user should be
an admin.
mcatanzaro: But: currently anaconda creates non-admin accounts by defa
ult. That's bad.
halfline: mcatanzaro: man it's like you were standing here in the
cubes with us
halfline: you just parroted what i said in meatspace almost verbatim 5
minutes
halfline: ago
More information about the desktop
mailing list