The public milestone release of Fedora 12 this week had one big flaw in it that is now set to be corrected.
One key standard practice on nearly every Linux system I have ever seen or used is the separation of root and user roles. New software installation that affects an entire system typically can only be installed by the root user. That’s a behavior that was modified with the Fedora 12 release such that a local user could install signed applications without root authorization.
Now Fedora is reversing that policy.
“After more discussion and thought, though, the package maintainers
have posted to the fedora-devel-list mailing list agreeing to provide
an update to Fedora 12’s PackageKit,” Fedora Project Leader Paul Frields wrote. “The update will require local
console users to enter the root password to install new software
packages.”
Makes sense to me. What doesn’t make sense is why the new policy was put into Fedora 12 in the first place.
Fedora developer Owen Taylor though has put together a lengthy post about the developer rationale for the initial policy change and I can kinda/sorta see why at first it might have made sense for some people (but not all).
“In Fedora 9, 10, and 11, the first time a user tried to install a package from the Fedora repositories, they would be prompted for a root password, with a checkbox to remember that permission for the future. (Before Fedora 9, you had to enter the root password every time.),” Taylor wrote.