2009/11/19 Jeff Garzik <jgarzik@xxxxxxxxx>: > 1) We should recognize this new policy departs from decades of Unix and > Linux sysadmin experience. Sure, it's different. It doesn't make it wrong. > 2) F12 policy should be reverted to F11, ASAP. Possibly with a CVE. PolicyKit in F12 doesn't have the auth_admin (and save forever to disk) functionality that F11 did. I think what we have in F12 is much more usable, perhaps trading off with the perceived loss of control. I say perceived as actually typing in a root password doesn't actually make the system any more secure at all, less if anything. > 3) Due to #1, F13+ should not deviate from the decades-old default. Using that argument, we can just keep using GTK tools written in python, that use consolehelper to run 2 million lines of code as the root user on the users session. How wonderful. > 4) Release notes should explain new [and after step #2, optional] policy in > detail, including how to turn it off again. Seth's laudable write-up > efforts should not have been necessary -- that info should be prepared. Sure, in retrospect I should have made a lot more noise in the release notes, which I apologise for. The reason people didn't notice earlier was because rawhide is unsigned, and hence all PackageKit operations required the root password, even updating. > 5) The people who want this new security policy should add an opt-in > checkbox in Anaconda or firstboot. Err, I don't think this is how we want to brand the desktop spin. Other spins just need to ship different defaults for all the other PolicyKit daemons too. Also, we've not made this change upstream lightly. We've got upstream review and policy documents which you might find useful: http://cgit.freedesktop.org/packagekit/plain/docs/security.txt http://cgit.freedesktop.org/packagekit/plain/docs/setting-the-proxy.txt http://cgit.freedesktop.org/packagekit/plain/policy/org.freedesktop.packagekit.policy.in Richard. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
