On Sat, Jan 30, 2010 at 1:20 AM, Adam Williamson <awilliam@xxxxxxxxxx> wrote: > > Well, reboot is a one-time operation; if there's only one user logged > in, they can only affect themselves by rebooting. Adjusting the clock or > installing new software isn't the same. Ok, actually "one time" feels like there's a more general principle at work here, which is the degree to which the operation could potentially affect other users. For example, there's a pretty wide gulf between "install new desktop app" (other users see a new menu entry) and "start or stop system daemons" (can easily break printing, networking, or just crash the. Changing the system time is in between there. The reason I mention this specifically I'd like in the future to widen this set a little bit for the "self managed" desktop target (i.e. livecd download), specifically include at least "install new desktop application from " and "initiate system update" in that set of default privileges. Maybe the way to think of system update is that the system comes by default configured to update, and the privilege is actually to optionally delay the update. I think it's very important that we make typing in the root password dialog a meaningful event, something that means "you are doing something really unusual, are you sure?", like turning off SELinux. If we require it for simply installing Firefox security updates it greatly dilutes the warning/danger value of it. So as long as we don't view this current list as written on stone tablets but a flexible system (more in the sense of guidelines/examples), subject to revision, I'm fine with it. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel