Local users get to play root?
Jeff Garzik
jgarzik at pobox.com
Wed Nov 18 21:59:08 UTC 2009
On 11/18/2009 03:25 PM, Colin Walters wrote:
> On Wed, Nov 18, 2009 at 3:20 PM, Jeff Spaleta<jspaleta at gmail.com> wrote:
>>
>> I'm not sure enough sysadmins understand PolicyKit enough to
>> confidently generate local policy edits. I think learning how to
>> implement site specific PolicyKit best practises by modifying unwanted
>> PackageKit's behavior is going to be a trial by fire introduction to
>> PolicyKit policy editting for a lot of admins. We saw the same sort of
>> learning curve frustration when hal policy was introduced that changed
>> how hardware was handled.
>
> Having Yet Another access control system in HAL was precisely the
> reason PolicyKit was created, so administrators can have one place to
> find this stuff across the OS.
Rather irrelevant to our current problem, unfortunately.
Admins will upgrade to F12 not knowning that PK policy defaults have
changed. They will upgrade into insecurity.
Jeff
More information about the devel
mailing list