PolicyKit and malware, was: What I HATE about F11
Kevin Kofler
kevin.kofler at chello.at
Tue Jun 23 14:10:27 UTC 2009
David Zeuthen wrote:
> Anyway, the goal of PolicyKit isn't to fix the "cope with malware in
> your session" problem. That problem is much much harder to fix and it
> requires us to depart from the model where the whole user session is a
> single security context.
Then why does it prompt for authentication at all? It could just as well
just let the user do everything without a password, he/she's already
authenticated due to the login. Prompting for passwords again makes sense
to protect against malware, but what else? Users who left their desktop for
a while? It's their responsibility to lock the desktop.
Kevin Kofler
More information about the fedora-devel-list
mailing list