Michal Jaegermann wrote: > On Mon, Feb 23, 2009 at 06:08:44PM -0500, Matthias Clasen wrote: >> On Mon, 2009-02-23 at 15:57 -0700, Michal Jaegermann wrote: >>> On Mon, Feb 23, 2009 at 02:13:03PM -0800, Adam Williamson wrote: >>>> >>>> For me (system is F10, updated to current Rawhide) it asks for user >>>> password. > > Once. And not the next time. There is this "keep_always". > >> What exactly are we trying to establish here ? >> Is that another riddle ? > > No, I misread the above in a hurry. > >> If you want to know the default policies, just >> open /usr/share/PolicyKit/policy/org.gnome.clockapplet.mechanism.policy >> and you will find that it is indeed >> >> <allow_inactive>no</allow_inactive> >> <allow_active>auth_self_keep_always</allow_active> > > That can be modified through 'polkit-action --set-defaults-active ...' > so this loop I have shown will print then something else. I think Dan Walsh tried to address these PolicyKit defaults on the fedora-security-list last November: "PolicyKit Proliferation is a Security Disaster in the making" http://www.redhat.com/archives/fedora-security-list/2008-November/msg00000.html -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ When I think about all the crap I learned in high school ... it's a wonder I can think at all. -- Paul Simon
Attachment:
pgpnwOWCdEOUK.pgp
Description: PGP signature
-- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list
