Roger Grosswiler wrote: > All i would like, is that if the notify from linux comes with "xxx > updates available" that the user can click "ok" to launch them itself. OK -- now why is this the best way of doing things? And for whom? It would only really make a difference where the user was *not* an administrator, and there *was* another administrator. Why would you *want* a pup-style applet on normal user desktops? Why should normal users be expected to take responsibility for updating the system when it clearly isn't their responsibility? Or, to put it another way, in any situation like this: 1. The administrator wants updates to be applied. The administrator ought to set up a regular yum -y update (possibly from a trusted repo) and the users shouldn't be bothered. 2. The administrator does *not* want updates to be applied. In this case, he doesn't want users updating behind his back. (Hopefully these machines don't have Internet access anyway). So the users should not be bothered. 3. The administrator doesn't care. That sounds like the usage model you're talking about. And it sounds like your saying that normal users should be *given* a measure of responsibility over the entire system. The point is that it isn't really for the distribution to give that responsibility to users. It's been well established over the years that you get a lot better security by having things closed by default and letting the end-users enable what they want than by having things open by default and hoping that the users know how to close them. Ultimately, if the administrator really doesn't care, that's a human problem that a Mere Computer can only work around by refusing to work at all... James. -- E-mail: james@ | "Does exactly what it says on the tin." ... aprilcottage.co.uk | I've got a tin at home: it says "Open other end". | It never is. | -- Humphrey Lyttelton, "I'm Sorry, I Haven't A Clue"