[Mageia-discuss] A possible risk ?

Diego Bello dbello at gmail.com
Wed Feb 8 22:15:46 CET 2012


On Wed, Feb 8, 2012 at 3:56 PM, Maarten Vanraes <alien at rmail.be> wrote:
> Op woensdag 08 februari 2012 15:57:59 schreef nicolas vigier:
>> It's not clear if we are talking about installing updates only, or
>> upgrading to a new version of the distribution. Installing updates is
>> supposed to be safe and can be allowed by default with user password.
>> But upgrading to a new distribution is more dangerous and should
>> probably only be allowed with root password.
>
> i agree...
>
> also people use update and upgrade, but it does not have the same meaning.
>
> the things being talked about above are really beyond the point. the sysadmin
> in question can set it up for the user however he wants...
>
> EXCEPT, he can't distinguish between updates and upgrades... or even guest
> users having access to updates and upgrades.
>
> my current proposal is to:
>
> 1. have a separate setting between allowing updates and upgrades.
> 2. change upgrades to allow root user only


AFAIK, Mandriva/Mageia do require root password to upgrade the system,
or am I wrong?


> 3. disable guest user to have update possibility.
>
> i think these are sensible defaults... <--- i'm talking about defaults here,
> people can still set it up whatever they want.
>
> and this option allows everyone to be somewhat happy.
>
> does someone disagree? if so, why?



-- 
Diego Bello Carreño


More information about the Mageia-discuss mailing list