On Thu, 2009-11-19 at 11:15 +0000, Richard Hughes wrote: > 2009/11/18 Chris Adams <cmadams@xxxxxxxxxx>: > > I would like to see this discussion separate from discussion about the > > current issue with PackageKit. > > That would be nice :) > > The problem is who to target. If you call Fedora a desktop distro, > then it makes perfect sense for local users to be able to shutdown the > computer, suspend, change the system clock and install clipart without > passwords, as long as it's done in a secure way. > > If you call Fedora a server OS, then it shouldn't be shipping > PackageKit at all, and should have most of the PolicyKit > authentication actions defaulting to no. > > So obviously we need some middle ground. I guess if the spins > "personalise" the package set then they should also personalize the > security defaults. e.g. a server spin would not include PackageKit at > all, and default to not letting users change the time. A desktop spin > would allow the desktop user to do most things without a administrator > password. The tricky part is deciding a default policy that is > suitable for all the people using Fedora, which honestly, I think is > impossible. If this is the metric then we probably need to split "Desktop" into at least 2 categories: - Personal Laptop (Netbook/etc ...) - Workstation (or multi-seat desktop, etc...) These 2 categories have very different security requirements and implied "ownership". Simo. -- Simo Sorce * Red Hat, Inc * New York -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
