Description of problem: If the user slides the authentication window out of the way, they can add or delete connections. Version-Release number of selected component (if applicable): virt-manager-0.8.2-3.fc12.noarch How reproducible: Always Steps to Reproduce: 1. Start virt-manager 2. Move authentication window out of the way 3. Right click on kvm connection and select delete 4. Click on the File | Add Connection menu item 5. Add a connection to a Xen system Expected results: Unauthenticated user should not be able to do anything.
What is being authenticated is the actual libvirt communication channel, not virt-manager itself. You can cancel the polkit dialog and change virt-manager preferences at will, since they belong to the user running the app. Creating or deleting a connection just makes virt-manager forget about it, it doesn't have any effect on libvirt or vms.