On Wed, 2012-02-29 at 11:46 -0500, David Malcolm wrote: > On Wed, 2012-02-29 at 07:02 -0500, Neal Becker wrote: > > I think he's got a point > > > > http://www.osnews.com/story/25659/Torvalds_requiring_root_password_for_mundane_things_is_quot_moronic_quot_ > > > http://fedoraproject.org/wiki/Releases/FeaturePolicyKit > in Fedora 8 onwards, > > It was revamped in Fedora 12: > http://fedoraproject.org/wiki/Features/PolicyKitOne PolicyKit is an awesome mechanism, but it's really only part of the story. Just having a mechanism in place isn't everything you need. The rest of the story is that we need to port as much stuff as possible to use PolicyKit for privilege escalation, we need to ensure that the default policy is good (what constitutes 'good' is, ahem, up for discussion, Linus suggests the default should make sure for a fairly non-critical, end user desktop, M A Young suggests the opposite, but we should at least have a solid project-wide understanding of what we're broadly aiming for, and try to make sure everything fits that story) and also, probably, that we have easy 'drop-in' alternative policies. It'd be great if, say, we shipped with a fairly loose default policy intended for a single-user desktop, but you could drop in a more restrictive policy appropriate for a shared machine just by installing a package. Just for the record, I've had an interesting chat with Linus via private mail about this stuff, and I'll probably poke a few interested devs/maintainers soon. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora http://www.happyassassin.net -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
