On 06/07/2013 04:00 AM, David Sommerseth wrote:
> On 07/06/13 02:33, Todd And Margo Chester wrote:
>>>
>>> There is a long standing security reason non root users can't update
>>> software which affect all users on the system. Remember over all *ux
>>> design is based on a multi user model where only people granted root
>>> access by password access or even better sudo access can affect all
>>> users. This is a good thing, it was done in response to computer viruses
>>> in the 70s.
>>
>> yes.  I agree.  If you look over at the bug report, the request
>> is to prompt the user for the "root" password.  Sort of like
>> Mac OS does when they are install new packages.  If the user does not
>> know the root password, too bad.  At least it will not try to
>> install and then crash.  There are several packages out there
>> that already do this (ls /usr/bin | grep -i config)
>>
>
> This is quite simple policy-kit changes.
>
> The network configuration changes is handled by this policy:
> <file:///usr/share/polkit-1/actions/org.freedesktop.network-manager-settings.system.policy>
>
> If there's a specific binary which is called (other than
> /usr/bin/firefox) to do these updates, it would be fairly simple to add
> this feature.  You would basically need a <action/> policy including a
> line similar to this one:
>
> <annotate
> key="org.freedesktop.policykit.exec.path">/path/to/binary</annotate>
>
> And then the updater need to be started via /usr/bin/pkexec ... and it
> would Just Work.
>
> See the polkit(8) man page for more info.
>
>
> --
> kind regards,
>
> David Sommerseth

Hi David,

    I posted it over on the bug report.  Thank you!

-T