Security policy oversight needed?
Jesse Keating
jkeating at redhat.com
Thu Nov 19 17:40:56 UTC 2009
On Thu, 2009-11-19 at 12:33 -0500, Gregory Maxwell wrote:
>
> ...add what you want, and have PolicyKit pulled in as a dependency.
>
> When this discussion came up I tried doing a yum erase PolicyKit on
> one of my systems and had it offer to remove some 372 package,
> including xorg-x11-drivers.
>
> I don't mind at all that I have to type my administrator password in
> to do root privileged things on my desktop or laptop. I don't want the
> normal security model to be circumvented in odd ways.
>
>
I'm not sure what you're trying to say here. PolicyKit is an integral
part of our distribution. The policies that get loaded into PolicyKit
can come from different sources though, either a blanket policy package,
or individual policy files to go along with individual packages. So in
your case, while you have PolicyKit installed, you may not have had
PackageKit, nor the policy that would grant PackageKit to do thing for
local users.
--
Jesse Keating
Fedora -- Freedom² is a feature!
identi.ca: http://identi.ca/jkeating
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20091119/eab33a45/attachment.bin
More information about the devel
mailing list