Bug 218562
Summary: | Package Updater shouldn't require a root password to show you what updates are available. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Rodd Clarkson <rodd> |
Component: | pirut | Assignee: | Jeremy Katz <katzj> |
Status: | CLOSED DUPLICATE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 6 | CC: | fedora, robatino |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2007-09-11 19:08:27 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 150225 |
Description
Rodd Clarkson
2006-12-06 01:21:10 UTC
That's the plan, just ran out of time for FC6 :) In the Summary line, "should" should be changed to "shouldn't". Ah, yes. Why shouldn't this system configuration object require a password? Why should a nonprivileged user be able to, via back channels, interrogate versioning of the software installed on target system? I would actaully advocate moving the software updater from Applications menu to System/Administration menu, and leaving the password in place. Alternatively, as part of SELINUX security profile, allow marking of pup as root-only. (In reply to comment #4) > Why shouldn't this system configuration object require a password? I'm not advocating that the user be able to install the software, but if the user is to be informed that updates are available, then they should be able to easily see what updates are available. It's not like they can't find out this information elsewhere. > Why should a nonprivileged user be able to, via back channels, interrogate > versioning of the software installed on target system? Unless I'm missing something, the user already can do 'interogate versioning'. Grab a terminal and type in 'rpm -q <package ...>' Are you advocating that we remove terminal access, allow with all the virtual terminals so that the user can't be more aware of what's on the computer they use? > I would actaully advocate moving the software updater from Applications menu > to System/Administration menu, and leaving the password in place. May as well get rid of the update alert in the Notification Area too. After all, even if the user can't find out what's being offered for update using the desktop, it might alert them to the fact that updates are avaiable and go and find the information somewhere else (even if it means browsing the ftp repositories). > Alternatively, as part of SELINUX security profile, allow marking of pup as root-only. Would this mean you'd need to be running your desktop as root to be alerted to updates? I didn't think that was 'best practice'. |