On Sunday 05 November 2006 22:55, Christian Boltz wrote:
> Hello,
>
> Am Sonntag, 5. November 2006 19:21 schrieb Klaus Kaempf:
> [...]
>
> > Wouldn't it be nice to have a single, secure, system-wide mechanism
> > to provide access control ?
> > Future versions of the package & patch management hopefully
> > can make use of such a system.
>
> Sounds much better ;-) (I also like Marcus' idea about using sudo
> and/or kdesu.)
Much better than what? I thought your main objection was the granularity of
the security, not how it was implemented
sudo is basically a hack, it's better to have a real solution for the system,
a real role based administration system. Preferably something where you can
define new roles with new authorities for new features, without having to
recompile everything
> For the records: I'd like to have the following permission levels in the
> package management:
> a) check for updates ("suse-watcher" style)
view
> b) install updates (including uninstalling obsolete and installing new
> requirements from existing installation sources)
install (except for the removal bit)
> c) install / remove any package from existing installation sources
install, remove
> The problem with zen-updater is that it currently needs b) and c),
> therefore people can easily add and remove other packages with
> zen-installer/-remover even if the admin isn't aware of this.
In other words, you'd be happy if zen added the security level "update", which
only allows for updates of already installed packages, and allows for
removals if they were forced through dependency checks, is that right?
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
