On Wed, Jul 09, 2008 at 10:37:27AM +0100, Daniel P. Berrange wrote: > After discussions with policykit maintainers I've come to the conclusion > that it is better for security if we default to 'auth_admin_keep_sesion' > instead of 'auth_self_keep_session'. ie prompt for the root password (ala > 'su') instead of the user's password (ala 'sudo'). This is because having > access to libvirtd gives you very significant power over the host machine. > > Secondly, newer versions of policykit have imposed a naming constraint on > policy files, so when we install our policy it needs to be in a file called > org.libvirt.unix.policy, instead of just libvirt.policy. So there's a change > to the Makefile to support this. Okay, sounds fine, +1 Daniel -- Red Hat Virtualization group http://redhat.com/virtualization/ Daniel Veillard | virtualization library http://libvirt.org/ veillard@xxxxxxxxxx | libxml GNOME XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/ -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list