2009/4/4 Nils Kassube <kass...@gmx.net>:
If you don't trust update-manager you would have to check everything after an update. I don't think anybody will do that even after providing the password. Most users don't even know what to look for to check the system.
That's not the point I'm trying to make. Maybe it's not as big an issue as I think, but I meant if update-manager had any possibility of crashing then perhaps a malicious user/program could use it to escalate privilieges (I've personally found 1 or 2 root escalation bugs in GDM for example, how would we guarantee not to have the same problems here)? -- Matt Wheeler m...@funkyhat.org
signature.asc
Description: OpenPGP digital signature
-- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss