On Mon, 21 Mar 2011 22:41:55 -0500 suvayu ali <fatkasuvayu+linux@xxxxxxxxx> wrote: > On Mon, Mar 21, 2011 at 12:47 PM, Tom H <tomh0665@xxxxxxxxx> wrote: > >> Speaking of which, I am not exactly comfortable with why Fedora (or > >> Ubuntu) allow any user to install updates using PackageKit without any > >> root access (or sudo password). I feel that this is not really right > >> from a security point of view.... > > > > I don't think that Ubuntu's ever had this issue and I'm pretty sure (I > > hope!) that only F12 had it, very briefly. > > Isn't that how Packagekit behaves for updates? It only asks for the > root password when some new package is installed because of > dependencies. At least that is my experience in F13 and F14. > That was exactly my point. When the icon appears, one can click and say update packages (or something like that). No password is ever asked for. This approach to security (or lack thereof) makes me squeamish. Perhaps this is not a problem for U, but definitely for F. Best wishes, Ranjan -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
