On Wed, 2015-05-13 at 09:34 -0400, Matthew Miller wrote: > For reference, here is the policy > <https://fedoraproject.org/wiki/Privilege_escalation_policy> The policy prohibits unprivileged users from downgrading packages (which could undo security patches) but not from upgrading packages, except it does prohibit upgrades from one Fedora release to the next. Still, we can be stricter than the policy requires if we want to be: mcatanzaro: Anyway I think it's OK to require authentication to install updates, because on multiuser systems it's legit to expect the admin to install updates, and on single-user systems the user should be an admin. mcatanzaro: But: currently anaconda creates non-admin accounts by defa ult. That's bad. halfline: mcatanzaro: man it's like you were standing here in the cubes with us halfline: you just parroted what i said in meatspace almost verbatim 5 minutes halfline: ago -- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/desktop
