Open Source Pixels

Every Pixel Counts

Home
About

Fedora 12 lets unprivileged users install packages

Fedora bug #534047 contains an interesting Fedora 12 surprise: “PackageKit allows you to install signed content from signed repositories
without a password by default. It only asks you to authenticate if anything is
unsigned or the signatures are wrong.” So any user can install any package found in the official repository. Some Fedora developers, at least, seem to see this as a feature; see this rapidly-growing thread for the discussion.

The bug report contains the incantation needed to disable this behavior:

    pklalockdown --lockdown org.freedesktop.packagekit.package-install

Evidently that is not a long-term solution, though; see this post for a rather more involved fix.
Stay tuned: we’ll probably post a longer look at this issue in the near future.

November 18, 2009 · Linux, News, Open Source · No Comments Yet

Archived Entry

Posted on Wednesday, Nov 18th, 2009 at 11:42 pm
Category : Linux & News & Open Source

You can leave a response, or trackback from your own site.

Open Source Pixels

Fedora 12 lets unprivileged users install packages

Leave a comment »

Archived Entry

Categories +/-

Archives +/-

Partners

Recent Posts +/-