PackageKit policy: background and plans
Owen Taylor
otaylor at redhat.com
Fri Nov 20 16:41:29 UTC 2009
On Fri, 2009-11-20 at 11:50 -0430, Robert Marcano wrote:
> On 11/20/2009 10:04 AM, Matthew Garrett wrote:
> > I know basically nobody who, on a generally single user system,
> > explicitly switches to a console to log in as root and perform package
> > installs there. If you're not doing that then the issue is basically
> > moot - a user-level compromise will become a root-level compromise the
> > next time you run anything as root.
>
> I do that on critical workstations because a long time ago an old
> (fixed) bug killed my X session when updating and messed my system, so I
> do not trust too much updating base X components using a GUI. on my
> personal systems, yes I use the GUI method
This actually is one of the big advantages of PackageKit - because the
installation is being done by a daemon rather than a process running in
your session, if the X session dies during package installation, you
won't be left with a half-completed transaction.
Though that only helps from the command line if you use
gpk-install-package-name rather than yum. Probably not too many people
do that :-)
- Owen
More information about the fedora-devel-list
mailing list