low-hanging fruit
Jon Nettleton
jon.nettleton at gmail.com
Wed Aug 22 17:47:42 UTC 2007
On 8/22/07, David Zeuthen <davidz at redhat.com> wrote:
>
> On Wed, 2007-08-22 at 19:37 +0200, dragoran wrote:
> >
> >
> > On 8/22/07, David Zeuthen <davidz at redhat.com> wrote:
> >
> >
> > (Another technical tidbit: RPM's GPG keys are tied to the
> > system so when
> > one user is deciding to import a GPG (aka. start trusting a
> > software
> > provider) it affects all users on that. Maybe the dialog need
> > to makes
> > that clear too.)
> >
> > that is a reason for asking for the root password , everything else is
> > nothing but a security hole if a non root user can set system
> > defaults like this.
>
> Yeah, it's probably a good idea to ask for an administrator to
> authenticate to do this. With mainline Fedora this would be asking for
> the root password; for other spins it might asking a user in e.g.
> 'wheel' to authenticate.
>
which reminds me. wouldn't it make sense to at UGROUPS=wheel to our
/etc/security/console.apps/ files? The functionality has been around
for years now
and never used because it was getting replaced.
Jon
More information about the Fedora-desktop-list
mailing list