Re: Fedora 22 update security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hi Michael,

Many thanks for the update and a fix. I hope that adding a rule would
work.

As Matthew mentioned it will be nice to keep the policy to root or
system admin only even if it is cryptographically signed by Fedora.

Thanks
Nethaji


On Wed, 2015-05-13 at 09:11 -0400, Josh Boyer wrote:
> On Wed, May 13, 2015 at 9:07 AM, Matthew Miller
> <mattdm@xxxxxxxxxxxxxxxxx> wrote:
> > On Wed, May 13, 2015 at 07:49:34AM -0500, Michael Catanzaro wrote:
> >> Actually, sorry, Matthew and I were wrong. We do allow unprivileged
> >> users to run software updates (provided all of the updates are
> >> cryptographically signed by Fedora). You can configure this behavior
> >> manually by creating a file in /etc/polkit-1/rules.d with the following
> >> contents (untested, should work):
> >
> > Huh. Last time this came up in FESCo, I thought the decision was to
> > keep the policy as it had been (passwordless updates for admin users
> > only).
> 
> Yes, I agree.  We really need to change it back to that if Software
> (or anything else) is not in compliance.
> 
> josh


-- 
desktop mailing list
desktop@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/desktop





[Index of Archives]     [Fedora Users]     [Fedora KDE]     [Fedora Announce]     [Fedora Docs]     [Fedora Config]     [PAM]     [Red Hat Development]     [Red Hat 9]     [Gimp]     [Yosemite News]

  Powered by Linux