Op woensdag 08 februari 2012 23:46:46 schreef Renaud (Ron) Olgiati: > On Wednesday 08 Feb 2012 19:11 my mailbox was graced by a message from > > andre999 who wrote: > > So defaults being > > 1) release upgrades requiring root password. > > 2) package updates requiring user password. > > 3) if current account requires not password, no update. > > Wouldn't that satisfy security concerns ? > > No, it still leaves the user launching an update, hosing his system and > being left with a dead system. > > I feel (strongly) that updates, like upgrades, should only be done by > someone who can reinstall the system in case of problem ==> root. > > Cheers, > > Ron.
i feel that this is a point to be determined by the sysadmin in question, and i also find it unacceptable if we actually get to that point... as far as _defaults_ go, for me that sounds exactly like what i came up with below (more or less). imho, you're free to change the setting for your installs... also, iinm there are several security levels?
