On Fri, Jan 23, 2009 at 1:20 PM, Aaron Konstam <akonstam@xxxxxxxxxxxxx> wrote: > On Fri, 2009-01-23 at 12:10 -0500, R. G. Newbury wrote: >> Jeff Spaleta <jspaleta@xxxxxxxxx> wrote: >> > > Kevin Kofler <kevin.kofler@xxxxxxxxx> wrote: >> > > But PolicyKit does not work in a root session: >> > > https://bugzilla.redhat.com/show_bug.cgi?id=447266 >> >> > Hmm...this is probably worthy of some nuanced and masterfully >> > persuasive oratory as to where to strike the balance between designing >> > for expected use cases and designing a system with flexibility to >> > accomedate local needs even when those use cases are not considered >> > best practises. . >> >> No nuanced and masterfully persuasive oratory can disguise the fact that >> someone has made *and enforced* a decision that *they know better >> than the user* how "THINGS MUST BE DONE" purely because the doing, is >> considered to be 'not best practice'. >> >> In this particular case, the 'best practice' enforcement approaches >> religious fervour in its application. In the particular instance which >> started this thread, PolicyKit nags about being root, and then *refuses* >> to allow the installation of an rpm! It does not deny the right to >> download and install the rpm in a console....It just denies the user the >> advantages of using PackageManager to resolve dependenices directly. >> >> And *exactly* what nuanced extra is added to the equation, by forcing >> the administrator to log out of root, to log in as a user, to do the >> same thing? Especially in a circumstance where the install is actually >> desired to be general and not user-local? This position is idiocy. >> >> I don't mind a nag. I DO mind unknown and unaccountable people >> attempting to enforce their quasi-religious beliefs on me (by >> quasi-religious, I mean the attitude which equates doing anything while >> root is akin to giving booze and car-keys to seventeen year old boys: >> instantly and always catastrophically dangerous.) I know using root can >> increase the probability of disaster. But I want to be able to decide >> what the limits of my risk tolerance are, not have someone else do it. >> >> That argument, the libertarian argumnent is one of the underlying bases >> of the free software movement. Let's have it recognized and venerated in >> the code! >> >> Geoff > My memory is that the designer of PackageManager indicated on the list > that running PackageManager as root has security problems that running > it as a user and entering the root password does not have. I believed > him. Your objection is that it makes you log as a user rather than as > root. > > I believe in the theory that "freedom" derives from the words free doom > indicating that everyone has a right to commit suicide in his (or her) > own way. I strongly support your committing suicide in any way you > desire. > > Aaron Konstam I would like to know why the developer of PackageManager makes a distinction between a root and a user login? Cut out extraneous code. Make any user enter the root password. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
