On Sun, 2009-10-18 at 13:21 +0200, Jeroen van Meeuwen wrote:
> On 10/17/2009 10:34 PM, David Zeuthen wrote:
> > On Sat, 2009-10-17 at 09:49 +0530, Rahul Sundaram wrote:
> >> To help me understand this better, can you give me a example? Let's say
> >> I want to tweak PackageKit's policy to not ask for root password even
> >> when untrusted packages are being installed,
> >
> > (this is not a good idea but let's ignore that for the time being)
> >
>
> Actually you're not in a position to determine whether this is or is not
> a good idea.
Actually I'm uniquely qualified to make statements like that since I
wrote the mechanism (e.g. PolicyKit) allowing people to aim for their
foot and blow their whole leg off.
(Allowing people to hang themselves (or shoot their leg or foot off or
whatever) is of course not the goal of PolicyKit... but since PolicyKit
is a security-mechanism it does allow people to do such things even if
they are crazy.)
Mind you, not only am I qualified to make such statements, it's my
goddamn responsibility, as the author of the software, to tell people
"don't do that, it's a root-exploit in the making" - especially if it's
on a public mailing list where authors of "helpful" guides a'la "How to
make Fedora Work" recipes etc. will find the discussion via Google and
other search engines.
David
--
Fedora-desktop-list mailing list
Fedora-desktop-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-desktop-list
