Request For Candidates: Application Review Board

Scott Kitterman ubuntu at
Thu Aug 26 17:54:16 BST 2010

On Thursday, August 26, 2010 11:28:27 am Marc Deslauriers wrote:
> On Thu, 2010-08-26 at 11:15 -0400, Luke Faraone wrote:
> > On 08/26/2010 10:59 AM, Marc Deslauriers wrote:
> > > Installing an application with user privileges is a bad idea.
> > > Application software should not be vulnerable to tampering, either
> > > accidentally by the user himself, or by malware running in the user's
> > > security context. This will make the apps installed via the app store
> > > unreliable and susceptible to be trojaned.
> > 
> > That makes sense, but we do want to make it possible (most of the time)
> > for unprivledged users to install new applications, as long as those new
> > applications don't provide any avenue for the user to elevate their
> > privledges. Maybe a non-user-controllable / -modifiable, but
> > user-initiated install path would be useful for a certain class of
> > applications. (without publishing the application for all users of the
> > system)
> That is exactly the thing we should avoid. We _don't_ want unprivileged
> users to install new applications. On a single user desktop, the user
> already has the necessary privileges to install applications. On a
> multiuser system you may not want the user to have those privileges. I
> have privileges to install applications on my Android phone, why
> shouldn't I require privileges on my desktop?
> What exactly is the use case for someone who doesn't have administrative
> control over a computer to be able to install applications?

This is well put and I agree with it.  The user in a single user system should 
be able to install packages and they can.  In multi-user systems it is more 
complex and it should be.  If the administrator of a multi-user system choses 
to allow all users to install packages, they can do that, but it shouldn't be 
the default.

I put this in perspective of the only multi-user system at my house, the one 
my teenagers use.  I definitely don't want them installing stuff.

Scott K

More information about the ubuntu-devel mailing list