Initial draft of privilege escalation policy
Adam Williamson
awilliam at redhat.com
Wed Jan 20 18:02:49 UTC 2010
On Wed, 2010-01-20 at 16:51 +0000, Richard Hughes wrote:
> 2010/1/20 Adam Williamson <awilliam at redhat.com>:
> > * Add, remove, upgrade or downgrade any system-wide application or
> > shared resource (packaged or otherwise)
>
> Do you mean upgrade, or update? PackageKit, by default, allows
> untrusted users to update packages,
> but not upgrade the distro from
> one release to another.
>
> If you require the admin password to update, then you're stopping
> updates being installed in the background, which makes you _less_
> secure, not more secure.
Good point, will reword that bit.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net
More information about the test
mailing list