2009/4/4 Remco <remc...@gmail.com>: > That's a different idea though. My idea is that having to provide a > password is an unnecessary hurdle to people. Why must a password be > provided to start the update process? A policy could be made to allow > the update manager to do its thing without passwords.
Unless I'm mistaken update-manager would have to be rock-solid security wise in that case. By it's nature it needs write access to every file (at least every file outside of /home), and ability to stop and start running processes in order to work properly (so setuid root, right?). I think if it were practical that would be a good move, as long as all archives are signed I don't think much can go wrong on that side of it, but can we trust update-manager not to break and give someone privileges they shouldn't have? I don't know, maybe we can, I just think it's worth being very careful about it. -- Matt Wheeler m...@funkyhat.org -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss