On Fri, 2009-11-20 at 11:50 -0430, Robert Marcano wrote: > On 11/20/2009 10:04 AM, Matthew Garrett wrote: > > I know basically nobody who, on a generally single user system, > > explicitly switches to a console to log in as root and perform package > > installs there. If you're not doing that then the issue is basically > > moot - a user-level compromise will become a root-level compromise the > > next time you run anything as root. > > I do that on critical workstations because a long time ago an old > (fixed) bug killed my X session when updating and messed my system, so I > do not trust too much updating base X components using a GUI. on my > personal systems, yes I use the GUI method This actually is one of the big advantages of PackageKit - because the installation is being done by a daemon rather than a process running in your session, if the X session dies during package installation, you won't be left with a half-completed transaction. Though that only helps from the command line if you use gpk-install-package-name rather than yum. Probably not too many people do that :-) - Owen -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
