On Wed, 2009-11-18 at 22:38 +0000, Richard Hughes wrote: > 2009/11/18 Jeff Garzik <jgarzik@xxxxxxxxx>: > > And this enormous security hole of a policy change was done with next to > > /zero/ communication, making it likely that many admins will not even know > > they are vulnerable until their kids install a bunch of unwanted packages. > > F11 had retained authorisations, which arguably were more of a > security weakness. If rawhide had been signed during the F12 cycle > everybody would have seen this change much earlier. > > If you're deploying F12, then I really think you should know the > basics about PolicyKit. Richard, let's reverse it then. If it is so simple and if all our users should know about PolicyKit, then it should be no problem delivering a more secure policy by default, and let people change the policy to less secure if they want. Deal ? Simo. -- Simo Sorce * Red Hat, Inc * New York -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
