Re: Draft privilege escalation policy for comments

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Adam Williamson wrote:
> Please do provide any and all feedback on the proposed policy. if we can
> get it into a shape which most people on the list would find acceptable,
> my next step will be to take it back to FESco for them to review.
> Thanks.

>From the proposal:

> Add, remove, upgrade or downgrade any system-wide application or shared
> resource (packaged or otherwise)

The current PackageKit policy in F12 updates still allows upgrading (as 
opposed to installing or removing, not sure about downgrading, does 
PackageKit even support that?) packages without root authentication. Is this 
intended to be changed as part of the proposal or should the proposal be 
fixed instead (just remove "upgrade" from the sentence)?

> New and changed privilege escalation mechanisms

Is the bureaucracy in this section really necessary? AFAICT what was missing 
when the F12 PackageKit change was made was the informative part of the 
proposal, the maintainer just didn't know what he should be allowing and 
what not. I don't think the enforcement part is really needed, maintainers 
should be able to get it right on their own given the detailed list of evil 
things to avoid which the proposal provides and I haven't seen any evidence 
as to the contrary (again, the PackageKit example is not applicable because 
the PackageKit maintainer did NOT have such a list to go by when he made his 
change; there's no reason to believe he'd have made that change in spite of 
it).

        Kevin Kofler

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux