Package Management Blows Goats (use cases)

Richard Hughes hughsient at gmail.com
Mon Aug 13 07:21:29 UTC 2007


On Sun, 2007-08-12 at 18:16 +0200, Nicolas Mailhot wrote:
> Le mardi 31 juillet 2007 à 10:36 +0100, Richard Hughes a écrit :
> > On Tue, 2007-07-31 at 05:18 -0400, Alan Cox wrote:
> > > On Tue, Jul 31, 2007 at 09:51:33AM +0100, Richard Hughes wrote:
> > > > Toby logs into his desktop. A notification area icon with a critical
> > > > icon appears in the top right and a libnotify popup tells him there are
> > > > 3 three critical security updates. The libnotify popup has three
> > > 
> > > Who is Toby, is he authorised to install updates ?
> > 
> > I figured security updates could be installed by anyone.
> 
> No
> If you go there you may as well make security updates automatically
> installed without any user interaction

Which would also be a valid policy choice.

> If an install/update needs a user intervention it better be a qualified
> strongly authenticated user and not the visiting neighbour kid you put
> before a computer game so he has something to do while you talk together

Sure. But I think there is merit in making this choice defined by an
admin.

Richard.





More information about the fedora-devel-list mailing list