Draft privilege escalation policy for comments
Adam Williamson
awilliam at redhat.com
Mon Feb 1 23:20:26 UTC 2010
On Sun, 2010-01-31 at 08:55 +0100, Kevin Kofler wrote:
> Adam Williamson wrote:
> > I think it's sensible, yeah. It's not really much bureaucracy; I don't
> > think it would ever be a good idea to introduce a new privilege
> > escalation mechanism without FESco knowing about it...
>
> Right now we're in a phase where a lot of stuff (system-config-*, several
> parts of KDE and some other stuff) is getting ported from running the whole
> app under consolehelper or kdesu to PolicyKit mechanisms. This is generally
> seen as a *good* thing. It'd be really annoying to have to go through a
> FESCo vote for every single one of those.
That's not intended to be the scope. It's not meant to mean that
introducing a PolicyKit policy requires a FESco review; it's meant to
mean that introducing *the entire PolicyKit mechanism* would have
required a FESco review.
Obviously (since you misunderstood it) the current wording is confusing,
I will try to improve it.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net
More information about the devel
mailing list