Follow-up Comment #4, bug #34326 (project grub): "PolicyKit simply provides organisation and a means by which unprivileged users can perform privileged actions. " "In short, it is a cool sudo :) " This is exactly the problem. Allowing unprivilegied used to do something additional without admin consent is a bad thing. You always have to make a trade-off between security and convenience. While some distros are pretty convenient some other take a die-hard pro-security side and in upstream we shouldn't do anything to change it to more convenience, at least by default. Also if we ship something like this we imply that using them is secure but in fact the background are scripts and programs which may have undiscovered security vulnerabilities.
_______________________________________________________ Reply to this item at: <http://savannah.gnu.org/bugs/?34326> _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/ _______________________________________________ Bug-grub mailing list Bug-grub@gnu.org https://lists.gnu.org/mailman/listinfo/bug-grub