Initial draft of privilege escalation policy

Adam Williamson awilliam at
Wed Jan 20 18:02:49 UTC 2010

On Wed, 2010-01-20 at 16:51 +0000, Richard Hughes wrote:
> 2010/1/20 Adam Williamson <awilliam at>:
> > * Add, remove, upgrade or downgrade any system-wide application or
> > shared resource (packaged or otherwise)
> Do you mean upgrade, or update? PackageKit, by default, allows
> untrusted users to update packages, 

> but not upgrade the distro from
> one release to another.
> If you require the admin password to update, then you're stopping
> updates being installed in the background, which makes you _less_
> secure, not more secure.

Good point, will reword that bit.
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org

More information about the test mailing list