Re: security policy / root passwords

[Alexey Serikov <kompadre@gmail.com>]

A few points: 

1) if your user is part of sudo group, most of the time gnome will ask for your user's password instead of root's.
2) Debian is a finite set of software. It provides packages (literally thousands of them) that are stable, safe and malicious pop-ups free. It also provides packages enabling user to run software that cannot be found in Debian's pool (and is potentially unsafe) in a safe, virtualized environment (qemu and stuff). 
3) xfce needs less root
4) asking a user to open up a console and type their root's password there will add unnecessary complexity while enforcing a security mechanism like selinux will be a pain. Please leave it be.

On Mon, Jun 10, 2013 at 9:31 AM, Timo Juhani Lindfors <timo.lindfors@iki.fi> wrote:

Michael Banck <mbanck@debian.org> writes:
>> I think the best approach would be sudo and requesting the user for
>> their own password - and probably be more informative about why the
>> password is needed or what is being installed.
>
> By the way, this seems to be the case for my wheezy installation,
> however, I am running vanilla Gnome3, not Classic (and have been running
> wheezy all along sind late 2012).

Perhaps your user is in the sudo group? If yes then at least in squeeze
policykit will consider you to be admin:

$ cat /etc/polkit-1/localauthority.conf.d/51-debian-sudo.conf
[Configuration]
AdminIdentities=unix-group:sudo

--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Archive: [🔎] 848v2izak6.fsf@sauna.l.org" target="_blank">http://lists.debian.org/[🔎] 848v2izak6.fsf@sauna.l.org