Le mardi 19 octobre 2010 à 00:38 +0200, Michael Biebl a écrit : > 1/ The sudo group in previous Debian releases had a different meaning: Members > of groups sudo could run sudo without needing a password. Did it exist in previous releases? I don’t recall seeing it in sudoers. > 2/ Using the name sudo in context of PolicyKit sounds weird and misleading. I don’t think so, since the configuration snippet makes PK behave like sudo. > So, I'm wondering if we shouldn't pick a more neutral name without a previous > history in Debian. > One suggestion is to use group "admin". Ubuntu has been using that group for > exactly the purpose what we are going for and I think it is a pretty > adequate name. “admin” is a very widespread group name, this is likely to cause huge security issues if members of this group are not supposed to be granted root privileges. > I'm a bit undecided atm. While I lean towards using a new group and in that case > the name "admin", I also know that we are already late in the squeeze release > cycle and picking a new name will require changes to user-setup and sudo. > policykit-1 hasn't being updated yet, so it'll require a new upload anyway. I think it’s much more important to get this change into squeeze than to bikeshed the group name. Le mardi 19 octobre 2010 à 02:12 +0200, Jesús M. Navarro a écrit : > What about the old-fashioned "wheel" group[1]? This would be an even worse disaster than “admin”, for similar reasons. Users of the “wheel” group were not supposed to get root privileges with their own password. Cheers, -- .''`. Josselin Mouette : :' : `. `' “If you behave this way because you are blackmailed by someone, `- […] I will see what I can do for you.” -- Jörg Schilling
Attachment:
signature.asc
Description: This is a digitally signed message part