On Wed, Nov 18, 2009 at 11:08 AM, Konstantin Ryabitsev <icon@xxxxxxxxxxxxxxxxx> wrote: > Yes, this is security trade-off -- and with valid arguments. Does it > make sense to have this as a default configuration for a > desktop-oriented distribution? Quite possibly. Fedora installations in > managed environments have qualified sysadmins that can alter this > policy -- I'm not sure enough sysadmins understand PolicyKit enough to confidently generate local policy edits. I think learning how to implement site specific PolicyKit best practises by modifying unwanted PackageKit's behavior is going to be a trial by fire introduction to PolicyKit policy editting for a lot of admins. We saw the same sort of learning curve frustration when hal policy was introduced that changed how hardware was handled. -jef -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
