Bug 577070

Summary: Any user can update without root authentication.
Product: [Fedora] Fedora Reporter: Trapper <trapper>
Component: PackageKitAssignee: Richard Hughes <richard>
Status: CLOSED WORKSFORME QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 12CC: cane-one, jonathan, rhughes, richard, scottro11, smparrish
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-06-18 14:41:09 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Trapper 2010-03-26 00:52:43 UTC 
Any user can install updates through the packagekit gui without authentication being required. I never get an authentication login box when updating. This began after my initial install of F12 and64 final and has continued through every update since.

I currently am running kernel 2.6.32.9-70.fc12.x86_64 and packagekit 0.5.7-1.fc12

This is basically the same issue that existed with this previous bug:

Bug 534047 - Active local console users get to install signed software on a machine they do not have the root password to
Comment 1 Richard Hughes 2010-03-26 07:51:50 UTC 
Installing new software != Updating existing sotware. Updating signed software by default without a password is good for security, and allowed by Fedora, see https://fedoraproject.org/wiki/User:Adamwill/Draft_Fedora_privilege_escalation_policy
Comment 2 Scott Robbins 2010-04-11 20:58:47 UTC 
Judging from that document, it seems that this is contrary to it.  If a user can upgrade, for example, firefox, it affects all users. If a user upgrades NetworkManager, it will affect all users.  And so on.  If an upgrade breaks something, (and even signed updates do), it could certainly affect the entire system.
Comment 3 Cane One 2010-04-12 15:50:43 UTC 
Well, all I know is that I can replicate this authentication (lack of) situation on any machine I install to without me having a say in the matter. I can even replicate it using the F12 03-03-2010 Unity spin.

We were hoping to come back to Fedora but have concluded our machines will get Ubuntu 10.04 LTS at the end of the month instead. There were several reasons for this decision but the main one is Red Hat's/Fedora's evolving move to a rouge philosophy.

We've resolved this bug for ourselves.
Comment 4 Scott Robbins 2010-05-05 01:11:50 UTC 
Since you were kind enough to modify it in https://bugzilla.redhat.com/show_bug.cgi?id=584899 for RedHat EL6, won't you consider modifying it in Fedora as well?  I realize that one is for work and the other, frequently, for home, but it is something that could easily catch someone off guard with bad consequences.  

Please do consider making the default require authentication as was done in answer to the RHEL6 bug.
Comment 5 Richard Hughes 2010-05-05 06:38:38 UTC 
No, sorry. Red Hat Enterprise Linux has a different focus to Fedora, and deserves different defaults. If you're deploying Linux to a hostile environment like a classroom, you either want RHEL or you need to write a more locked down security policy for Fedora. I'm happy with the defaults in fedora now.