Re: Updates done by everyone

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Am Samstag, den 09.12.2006, 09:45 -0500 schrieb jim tate:
> Roger Grosswiler wrote:
> > i just asked myself, why a normal user shouldn't be able to run pup by
> > itself without root permission.
> >
> > I think, this could be an issue to configure in the future.
> >
> > Meanwhile, i entered a group as sudoers. In the shell, everybody on this
> > machine is now able to run pup. 
> >
> > I changed pup.desktop in /usr/share/applications 
> >
> > to Exec = sudo /usr/bin/pup
> >
> > ..it seems, gnome does not like this kind of entry ;) because i couldnt
> > then launch it from gnome no longer.
> >
> > does anybody know, how i could handle this without a  shellscript in
> > between?
> >
> > Thanks,
> > Roger
> >
> >   
> So you want Linux to have a security blanket like $Windows , so it will 
> make your life easier.
> BOY!! some of these ex $Windows users.
> 
> Jim
> 
> 
Erm, i was posting a question and get this answer? nice, nice, but is
there also a productive idea on my question? So, i see

1) an annoying flame again which is completely unnecessary, basing on
assumptions.

2) a question of usability

3) a question of security

4) a question of philosophy

i will not discuss point 1) or 4) each approach has its
advantages/disatvantages. you will leave even a insecure system if you
leave buggy apps unupdated. but this is point 4)

I agree it is a hole. But just to finalize my idea:

If the puplet says "xx security updates" i just want, that a normal user
can say "update now" - thats all!

what is against this? Even, it is helpful for security. Many admins
won't walk to 10 workstations for long time, so they a) commit the
password (...no discussion...) or resolve it via sudo :NOPASSWD or in
another, efficient way.

Thats the way i search too.

btw. how can you make sure even as admin, you get "proper" updates? If
you just allow updates and nothing else, the user will do your work for
lesser money in the same security-context, or am i false? 

So, if anybody feels free to discuss this issue in a friendly and
productive manner, you are welcome.

Roger

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux