Local users get to play root?
Ralf Corsepius
rc040203 at freenet.de
Wed Nov 18 17:56:45 UTC 2009
On 11/18/2009 06:14 PM, Rahul Sundaram wrote:
> On 11/18/2009 10:38 PM, nodata wrote:
>
> "PackageKit allows you to install signed content from signed
> repositories without a password by default. It only asks you to
> authenticate if anything is unsigned or the signatures are wrong"
>
> If you have a problem with this, do explain why.
a) It contradicts multi user working principles.
"Arbitrary console user" is able to kill the application his fellow
worker, who is logged in from remote, is working with
b) What if an upgrade fails badly?
c) What if an upgrade requires a reboot.
> Not suggesting it is
> not a problem but being more descriptive does help.
More information about the fedora-devel-list
mailing list