User: Password:
Subscribe / Log in / New account

Re: Draft privilege escalation policy for comments

From:  Adam Williamson <>
To:  Development discussions related to Fedora <>
Subject:  Re: Draft privilege escalation policy for comments
Date:  Sat, 30 Jan 2010 11:20:23 -0800
Archive-link:  Article, Thread

On Sat, 2010-01-30 at 08:33 +0100, Kevin Kofler wrote: 
> Adam Williamson wrote:
> > Please do provide any and all feedback on the proposed policy. if we can
> > get it into a shape which most people on the list would find acceptable,
> > my next step will be to take it back to FESco for them to review.
> > Thanks.
> >From the proposal:
> > Add, remove, upgrade or downgrade any system-wide application or shared
> > resource (packaged or otherwise)
> The current PackageKit policy in F12 updates still allows upgrading (as 
> opposed to installing or removing, not sure about downgrading, does 
> PackageKit even support that?) packages without root authentication. Is this 
> intended to be changed as part of the proposal or should the proposal be 
> fixed instead (just remove "upgrade" from the sentence)?

That's odd. I made exactly that change in the second draft but it
somehow switched back in the third. I'd better review all second draft
changes tomorrow and make sure they're in the current draft as intended.

> > New and changed privilege escalation mechanisms
> Is the bureaucracy in this section really necessary? AFAICT what was missing 
> when the F12 PackageKit change was made was the informative part of the 
> proposal, the maintainer just didn't know what he should be allowing and 
> what not. I don't think the enforcement part is really needed, maintainers 
> should be able to get it right on their own given the detailed list of evil 
> things to avoid which the proposal provides and I haven't seen any evidence 
> as to the contrary (again, the PackageKit example is not applicable because 
> the PackageKit maintainer did NOT have such a list to go by when he made his 
> change; there's no reason to believe he'd have made that change in spite of 
> it).

I think it's sensible, yeah. It's not really much bureaucracy; I don't
think it would ever be a good idea to introduce a new privilege
escalation mechanism without FESco knowing about it...
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org

devel mailing list

(Log in to post comments)

Copyright © 2010, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds