update-manager not asking for authentication in Oneiric Beta
Alan Pope
alan at popey.com
Thu Sep 15 09:53:42 UTC 2011
On 15 September 2011 09:47, Colin Law <clanlaw at googlemail.com> wrote:
> I would be interested in comments on this bug ([Oneiric]
> update-manager installs packages without authentication)
> https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/814331
>
Looks like a good idea to me.
> To summarise, in Oneiric Beta when an administrator user installs
> upgrades he/she is not asked to authenticate.
The authentication does happen via policykit, so it does _know_ you're
"allowed" to do the update. It just doesn't prompt you for a password
to prove it's 'you'.
> The bug is marked as
> won't fix even though it is (as far as I can see) a change from
> previous operation.
>
Change does not always equal bug.
> 1. Should update manager ask for authentication?
>
I don't think so, no. I like the idea that it pops up and says "hey
there's updates" and I can easily dismiss it quickly to do the updates
without having to type a password.
> 2. I thought that one of the principles of Linux that makes it much
> less open to attack is that one cannot write to system areas of disk
> without authentication. How is it then that update manager is able to
> do this (whether by accident or design) without authentication?
>
You have authentication. You logged in with a username and password.
You're also (probably) sat at the machine. So when update manager
appears, chances are it's you (and not someone else) who sees it and
proceeds with the update.
If someone else is at your machine and doing malicious things to
update manager (is updating a machine malicious?) then all bets are
off anyway, because you've given someone else physical access to your
computer. They could screw up your system much more easily and more
comprehensively than update manager could ever hope to.
Al.