Fedora 18 DVD Jan 15th version

From a guest account I am able to start a software update.  

Only via an account with root privileges (root, or via sudo) should updates be permitted.

Here is the result of my test result.

The guest account is a normal (no administrator) privileges). There is no request for authorisation.  

Start Add/remove software, 

From Software Menu icon, click on it and select Check for Updates

The result is that the linux system is updated.

Why this should not be.  

We may have some application, database, network, or business application that needs execution with the linux system as it is.

By the non-authorized user, the updates were selected and applied, and with a kernel update, a reboot was required.  This reboot caused previous program(s) to fail.

Only via root privileges should an update be permitted.

Is my guest account (non administrator) going to initiate updates without providing a password?

Suppose I am running an application that requires a very specific version of installed software, and the normal user selects software update. My specific version of software may be overwritten, which means that other applications that will call the reserved version could fail.

We don't stand behind the user, watching what he does. He may trigger an update.

One option-- Require software updates to always require root privileges
2nd option-- Provide a blocking option as within yum such as exclude=
3rd option-- Do not show software selection for a normal user account.


Implement or indicate if it is a do-not-fix or will be fixed, and fix it.

This bug is a request to fix an insecurity problem.

A standard user should not be allowed to trigger software updates. Refer to comment 3 above

if guest user issues sudo, and is not in wheel group, user is blocked.