Actually that should not an issue since we only do offline updates, so there is no chance of one user updating software while another is using it. Christian ----- Original Message ----- > From: "Josh Boyer" <jwboyer@xxxxxxxxxxxxxxxxx> > To: "Discussions about development for the Fedora desktop" <desktop@xxxxxxxxxxxxxxxxxxxxxxx> > Sent: Wednesday, May 13, 2015 9:53:23 AM > Subject: Re: Fedora 22 update security > > On Wed, May 13, 2015 at 9:47 AM, Christian Schaller <cschalle@xxxxxxxxxx> > wrote: > > So I checked with Richard Hughes and the way the rules currently works is > > that there is a difference between install and update. If you want to > > install > > a new piece of software you need to be part of the wheel group, but any > > user can update already installed software as long as it is signed Fedora > > software. > > (Well technically they are not even doing that since updates are done > > offline these > > days). > > Right, but that is the problem. On a multi-user machine, allowing a > non-admin user to update e.g. firefox can result in some very strange > brokenness with currently running firefox instances. Also, updates > can bring incompatibilities with them and should be done by an admin. > > I realize the rationale above is _mostly_ covering for inadequacies in > application software but that is reality today. However, even > ignoring those issues, updates to core packages shouldn't be done by a > non-admin user. > > josh > -- > desktop mailing list > desktop@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/desktop -- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/desktop
