On Tue, May 30, 2006 at 10:53:08AM +0200, Andreas Jaeger wrote:
Marcus Meissner <meissner@suse.de> writes:
[...] - Also a update management system agnostic YOU watcher.
The old one just ran "online_update" and parsed its output. Only for the actual update it required the root password.
We could port the old one to run "rug", or whatever other equivalent.
The ZMD permissions handling is too permissive and too difficult to understand in my eyes.
So, what do you propose for permissions? Always root password for the update? I've seen positive feedback about needing the root password only initially when granting the permissions.
I am not sure and this is in the end more of a design issue... How much of the strict root <-> user seperation should be kept up? Because once you add "subscribe" and "install" privileges (like currently default proposed) for the user he has "root" equivalent rights. Which is very bad, since you do no additional credential checking afterwards. This would be exploitable by any malware that comes along, making it easier for Linux to become a virus heaven very similar to Windows. Currently any SL 10.1 with zen-updater with these rights is running the desktop as "root" user. Ciao, Marcus