Security policy oversight needed?

Chris Adams cmadams at hiwaay.net
Wed Nov 18 23:58:37 UTC 2009


After seeing two conflicts over PolicyKit default policies allowing
unprivileged users to do things that previously only root could do, it seems
to me that there needs to be some kind of oversight on security policy
for the distribution.  Right now, any package maintainer can make
changes to system security policy, without announcing it, getting any
approval, etc.

In the two cases I've seen, the maintainers decided that their way was
the right way and closed the bug reports without any real discussion,
which just seems unacceptable to me.

Any package (whether new or an update) that adds/changes PolicyKit,
consolehelper, or PAM configuration, and anything that installs new
setuid/setgid executables, should require some additional third-party
review.  Any significant change that passes review should require some
minimum amount of advance notice and documentation on how to revert
(preferably in some common easy-to-find place in the wiki).

Is this feasible?  Who needs to look at this?

I would like to see this discussion separate from discussion about the
current issue with PackageKit.

-- 
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.



