On 08/02/12 12:35, Michael Scherer wrote:
Le mercredi 08 février 2012 à 08:47 -0300, Renaud (Ron) Olgiati a
écrit :
On Wednesday 08 Feb 2012 08:37 my mailbox was graced by a message from Claire
Robinson who wrote:
I ended up installing Mageia 1 on his box, but I wonder why does the
distribution allow the user to potentially hose his system, when it
requires the root password to install a prog ?
Would it not make more sense to ask for the root password for the updates?
It is configurable in MCC. You can find it under Security => Configure
authentication for Mageia Tools.
Just select root for Update.
Brilliant, thanks.
But would it not make more sense to have the default changed to root ?
That totally miss the point, which is that a upgrade hosed the system.
Would requiring the root password have changed that ? I doubt.
However, if the user cannot do upgrade without asking to someone else
( because that's the whole point of having 2 different passwords, else,
that's just a nuisance that will confuse most people ), then he will
likely miss security and bugfixes updates, and that's problematic.
And I truly doubt that having a separate person ( ie, asking to someone
else who has the root password ) would have avoid any issues due to
upgrade. I am pretty sure that both of us would have also updated the
computer.
The risk is the lack of QA, and I have been repeating this since a long
time. If people cannot trust updates, they will use them, and they face
issues and security problems, and that will tarnish our reputation,
among others.
I don't think QA is an issue regarding updates to 1. Do you really feel
that way or were you meaning in a more general way?
Ensuring an upgrade path from Mandriva 2010.2 is really something we (QA
team) would expect maintainers to maintain.
