[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: About democracy was Re: Organizing for 6.2





> > It also needs to be easy for a newbie to add extra packages without
> > too much difficulty once the system is running - i.e. without having
> > to su or logout and login as root - a graphical RPM browser with
> > setuid wrapper round the actual install so that a privaledged user
> > can install things without being root - the initial non-root user
> > created by the install should be allowed to install packages.
> > Can RPM keep track of who installed packages? i.e. can you allow
>
> No.  That should be added to the front end assuming the user does not
> do an su.
>
> Problem is that your feature is dangerous.  How<ver I am thinking
> there should be away to give special status to the other userid of the
> person wwho is the physical root).  Fo instance automatically set up
> the duistro for him getting root's mail and so on.
>
> I also thought in giving him security privileges butproblem is how to
> avoid those privileges being used by a virus (by the way we should
> educate users about benefits of security: prsently they see it as
> chore.
>
> > a user to install an RPM, try it out, then decide he doesn't
> > actually want that package and remove it without allowing the

> > user to remove every package on the system?> >

I don't know if any of you used mandrake 7.0 but it included a package
called 'urpmi'
they compared rpm to urpmi is like insmod to modprobe.  I believe it stands
for User RPM Interface
and it works pretty well. Just type the correct name of the program - no
version - and it will search the
drives and cdrom for the newest version and install it without having to be
root or use su.  To prevent security though they have some kind of database
I believe of all standard packages or soemthing.  Perhaps you should look
into this. I used it and found it very helpful but not being an expert know
how secure it really is.