Re: PackageKit policy: background and plans

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2009-11-23 at 19:01 -0500, Gregory Maxwell wrote:
> On Mon, Nov 23, 2009 at 6:43 PM, Jesse Keating <jkeating@xxxxxxxxxxxxxxx> wrote:
> > This is precisely the dialog that has been removed from F12 and is not
> > planned to be returned.
> 
> My understanding was that this was removed because collecting the root password
> during a user session is insecure because there could be a sniffer or the dialog
> could be faked.
> 
> If I understand you correctly you are saying that even if this weakness were
> addressed (e.g. through whatever means make fast user switching secure) that
> the feature would not be re-introduced.  Am I misunderstanding?
> 
> If I am not misunderstand, can you point me to the real reason that this feature
> was removed?

Your understanding is not correct. The 'feature that was removed' is
retention of authorizations (for more than a very short period).
PolicyKit 0.x had keep_always policies, which asked a user to
authenticate for an operation just once and then kept that authorization
indefinitely. These are what were removed in PolicyKit 1.x, leaving only
the keep policies, which retain authorization for just a few minutes.

-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux