On Tue, Nov 13, 2012 at 4:40 PM, Matthew Miller
<mattdm@xxxxxxxxxxxxxxxxx> wrote:
> The concerns you raise go beyond the preferences of sysadmins (who, I think
> as a rule prefer key-value config files to complex ones). Of course, Fedora
> isn't (at least, not right now) targetted at the high-security situations
> you describe, but our major downstream consumer sure is. What (if anything)
> should Fedora do here? What are our options?
So, talking about specific actions...
I have recently had to search all existing polkit policies. This is
no longer possible to automate because various packages ship the
JavaScript policy, so I had to review those by hand. It seems that
(perhaps with the exception of polkit itself) any use of JavaScript
could be converted into the old format, which remains supported.
So, as soon I find some free time (probably next week), I intend to
ask FPC to prohibit using JavaScript if the functionality can be
represented in the old .pkla, and to prepare patches to convert the 6
JS-using packages.
Mirek
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
