Le mercredi 08 février 2012 à 08:47 -0300, Renaud (Ron) Olgiati a écrit : > On Wednesday 08 Feb 2012 08:37 my mailbox was graced by a message from Claire > Robinson who wrote: > > > I ended up installing Mageia 1 on his box, but I wonder why does the > > > distribution allow the user to potentially hose his system, when it > > > requires the root password to install a prog ? > > > Would it not make more sense to ask for the root password for the updates? > > > It is configurable in MCC. You can find it under Security => Configure > > authentication for Mageia Tools. > > Just select root for Update. > > Brilliant, thanks. > > But would it not make more sense to have the default changed to root ?
That totally miss the point, which is that a upgrade hosed the system. Would requiring the root password have changed that ? I doubt. However, if the user cannot do upgrade without asking to someone else ( because that's the whole point of having 2 different passwords, else, that's just a nuisance that will confuse most people ), then he will likely miss security and bugfixes updates, and that's problematic. And I truly doubt that having a separate person ( ie, asking to someone else who has the root password ) would have avoid any issues due to upgrade. I am pretty sure that both of us would have also updated the computer. The risk is the lack of QA, and I have been repeating this since a long time. If people cannot trust updates, they will use them, and they face issues and security problems, and that will tarnish our reputation, among others. -- Michael Scherer
