https://bugzilla.novell.com/show_bug.cgi?id=446095
User rhughes@redhat.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=446095#c6
Richard Hughes
The warning is nonsense.
It's not. You're running a GTK+ stack as root, with a program that calls out to PolicyKit. If you're doing that then all security is broken, and all bets are off, unless you're using an additional MAC layer like SELinux. As soon as you've got a GTK+ application running as root with a saved authorisation with PolicyKit, you can quite easily use GTK_MODULES to install or remove stuff without any user interaction. That's quite different from a pixbuf over-run.
A warning about running the whole desktop as root might be ok, but updating packages does not work without root permissions.
Wrong, sorry. The daemon is running as root in the user session (system activated) but you really don't want both halves of the split running as root. The whole design of PackageKit is taken from an unprivileged frontend and the concept of a privileged daemon taking untrusted input.
And the second half of the warning takes me even more wonders. We always run the graphical YaST as root...
Right. You probably don't need me to tell you running GTK+ applications as root is a very bad idea.
This warning probably does not make sense to the desktop user. It is just too general, badly worded, and does not tell the user what he actually should do.
If I had my way, gdm would disallow a root login, but even I coincide that's a some-what militant. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.