[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Security policy oversight needed?



On Thu, 2009-11-19 at 03:04 +0100, Kevin Kofler wrote:
> 
> FWIW, upstream KDE requires root authentication to set the current
> time, and 
> in fact one usage (the one usage? I haven't found others so far) of
> KAuth in 
> KDE 4.4 will be to use PolicyKit to prompt for the root password (KDE
> 4.3 
> uses kdesu there). So now we also have inconsistent system policies,
> with 
> one tool explicitly prompting for root and another one not doing
> it. :-(

If you are using 2 different policies to do the same thing you are doing
something very wrong, you should use the same exact policy both for KDE
and GNOME and any other program that allows any non-root-user to change
the time on the computer.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]