Le mardi 19 octobre 2010 à 09:58 +0100, Philip Hands a écrit : > > For PolicyKit, I can now simply ship a file, say > > /etc/polkit-1/localauthority.conf.d/51-debian-sudo.conf which contains: > > > > [Configuration] > > AdminIdentities=unix-group:sudo > > I would object to 'sudo' being a group of people that can simply become > root if they happen to be logged in -- is that what the PolicyKit > incantation would allow?
No, it leads to them being able to do PolicyKit actions (such as formatting a disk or changing a system default) that require root privileges, with entering their own password. Just as sudo does without NOPASSWD. Cheers, -- .''`. : :' : “You would need to ask a lawyer if you don't know `. `' that a handshake of course makes a valid contract.” `- -- J???rg Schilling -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1287479240.10136.10.ca...@meh
