Security policy oversight needed?
Simo Sorce
ssorce at redhat.com
Thu Nov 19 15:34:49 UTC 2009
On Thu, 2009-11-19 at 03:04 +0100, Kevin Kofler wrote:
>
> FWIW, upstream KDE requires root authentication to set the current
> time, and
> in fact one usage (the one usage? I haven't found others so far) of
> KAuth in
> KDE 4.4 will be to use PolicyKit to prompt for the root password (KDE
> 4.3
> uses kdesu there). So now we also have inconsistent system policies,
> with
> one tool explicitly prompting for root and another one not doing
> it. :-(
If you are using 2 different policies to do the same thing you are doing
something very wrong, you should use the same exact policy both for KDE
and GNOME and any other program that allows any non-root-user to change
the time on the computer.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the fedora-devel-list
mailing list