2009/4/5 John McCabe-Dansted <gma...@gmail.com>:
Adding something like %sudo ALL=NOPASSWD: aptitude update to the sudoers gives almost the right rights. If there is no user input into aptitude, then this does not add any new such security holes.
/usr/bin/aptitude would be safer, but yes.
However, Update-manager allows the user to unselect updates. So to allow non-root users to do a selective upgrade, we'd have to pass in the packages to update, running a risk that these package names are malicious and cause Update-manager to do something bad. I imagine this risk could be made quite small
What I'm talking about is unknown security holes, which unfortunately lots of apps seem to have. Is the risk of any being present sufficiently small? Does using sudo rather than suid bit have any advantages security wise (apart from the obvious limits on which users can run the program)?
Still, an overnight auto-update seems like a sensible default for novice users who don't need or want to know what an update is. This is what I set my computer too when I am overseas and leave my computer on for family to use.
I agree, I think automatic updates are a good idea in general. Perhaps there are ways of getting around the issues people have mentioned with updates stopping current processes from working properly? I don't know but it seems like that would mean changes to the way dpkg works (or at least some clever scheduling by apt(itude). -- Matt Wheeler m...@funkyhat.org
signature.asc
Description: OpenPGP digital signature
-- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
