Kevin Kofler <kevin.kofler@xxxxxxxxx> writes: >> I never tick those boxes. I'd like to know how to get rid of them >> entirely. > > Upgrade to F12 (with the latest PackageKit update), there's no such checkbox > in F12's PolicyKit. This is good. Also we should remember that user entering root password in user's session makes the user account practically equivalent to root (it can be seen as a protection against incidental damage, but not against a real attack). The only secure way has to use a fully trusted path from the person to the root process - e.g. logging as root (or root-equivalent) initially, with a physically secured console (some sysrq-k or ctrl-alt-del combo which cannot be remapped or blocked by non-root etc). E.g. using su or in most cases sudo etc. makes the non-root account equivalent to root. This can be, of course, deemed secure as long as we accept and understand this equivalency. -- Krzysztof Halasa -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
