On 10/20/2009 04:06 PM, David Zeuthen wrote:
On Sun, 2009-10-18 at 13:21 +0200, Jeroen van Meeuwen wrote:
On 10/17/2009 10:34 PM, David Zeuthen wrote:
On Sat, 2009-10-17 at 09:49 +0530, Rahul Sundaram wrote:
To help me understand this better, can you give me a example? Let's say
I want to tweak PackageKit's policy to not ask for root password even
when untrusted packages are being installed,
(this is not a good idea but let's ignore that for the time being)
Actually you're not in a position to determine whether this is or is not
a good idea.
Actually I'm uniquely qualified to make statements like that since I
wrote the mechanism (e.g. PolicyKit) allowing people to aim for their
foot and blow their whole leg off.
(Allowing people to hang themselves (or shoot their leg or foot off or
whatever) is of course not the goal of PolicyKit... but since PolicyKit
is a security-mechanism it does allow people to do such things even if
they are crazy.)
Mind you, not only am I qualified to make such statements, it's my
goddamn responsibility, as the author of the software, to tell people
"don't do that, it's a root-exploit in the making" - especially if it's
on a public mailing list where authors of "helpful" guides a'la "How to
make Fedora Work" recipes etc. will find the discussion via Google and
other search engines.
Good god... So this is how you think you can determine whether allowing
users to install unsigned packages is a good idea or not, better then
anyone else can? I'm doubting whether you've ever administered some
real-life desktop systems
FWIW, I love PolicyKit for giving me more granular control (potentially)
over what users can do; I wouldn't want them to remove my configuration
management packages for example, but sudo yum privileges often extend
too much beyond the boundaries of what is acceptable delegation. That
is, in most of the situations where I manage desktop systems.
-- Jeroen
--
Fedora-desktop-list mailing list
Fedora-desktop-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-desktop-list
