Gregory Maxwell wrote: > The time configuration policy is actually a fantastic example of this: > After it was pointed out that any user could change the time > willy-nilly the complaint was disregarded and denied by many because > the dialog *did* ask for a password, as would be the classic unix > security model expectation. Except… it was asking for the *users* > password rather than a root password— so if you happen to know both > (or if they are the same) you could test it and fail to realize that > it was violating the long-standing expectation. FWIW, upstream KDE requires root authentication to set the current time, and in fact one usage (the one usage? I haven't found others so far) of KAuth in KDE 4.4 will be to use PolicyKit to prompt for the root password (KDE 4.3 uses kdesu there). So now we also have inconsistent system policies, with one tool explicitly prompting for root and another one not doing it. :-( Kevin Kofler -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list