[Mageia-discuss] A possible risk ?

[Maarten Vanraes]

Op woensdag 08 februari 2012 15:57:59 schreef nicolas vigier:
> It's not clear if we are talking about installing updates only, or
> upgrading to a new version of the distribution. Installing updates is
> supposed to be safe and can be allowed by default with user password.
> But upgrading to a new distribution is more dangerous and should
> probably only be allowed with root password.

i agree...

also people use update and upgrade, but it does not have the same meaning.

the things being talked about above are really beyond the point. the sysadmin 
in question can set it up for the user however he wants...

EXCEPT, he can't distinguish between updates and upgrades... or even guest 
users having access to updates and upgrades.

my current proposal is to:

1. have a separate setting between allowing updates and upgrades.
2. change upgrades to allow root user only
3. disable guest user to have update possibility.

i think these are sensible defaults... <--- i'm talking about defaults here, 
people can still set it up whatever they want.

and this option allows everyone to be somewhat happy.

does someone disagree? if so, why?