Updates done by everyone
James Wilkinson
fedora at aprilcottage.co.uk
Mon Dec 11 08:00:56 UTC 2006
Roger Grosswiler wrote:
> All i would like, is that if the notify from linux comes with "xxx
> updates available" that the user can click "ok" to launch them itself.
OK -- now why is this the best way of doing things? And for whom?
It would only really make a difference where the user was *not* an
administrator, and there *was* another administrator. Why would you
*want* a pup-style applet on normal user desktops? Why should normal
users be expected to take responsibility for updating the system when it
clearly isn't their responsibility?
Or, to put it another way, in any situation like this:
1. The administrator wants updates to be applied. The administrator
ought to set up a regular yum -y update (possibly from a trusted
repo) and the users shouldn't be bothered.
2. The administrator does *not* want updates to be applied. In this
case, he doesn't want users updating behind his back. (Hopefully
these machines don't have Internet access anyway). So the users
should not be bothered.
3. The administrator doesn't care. That sounds like the usage model
you're talking about. And it sounds like your saying that normal
users should be *given* a measure of responsibility over the entire
system.
The point is that it isn't really for the distribution to give that
responsibility to users. It's been well established over the years that
you get a lot better security by having things closed by default and
letting the end-users enable what they want than by having things open
by default and hoping that the users know how to close them.
Ultimately, if the administrator really doesn't care, that's a human
problem that a Mere Computer can only work around by refusing to work
at all...
James.
--
E-mail: james@ | "Does exactly what it says on the tin." ...
aprilcottage.co.uk | I've got a tin at home: it says "Open other end".
| It never is.
| -- Humphrey Lyttelton, "I'm Sorry, I Haven't A Clue"
More information about the fedora-list
mailing list