Article Source LWN
November 18, 2009, 3:42 pm
November 18, 2009, 3:42 pm
Fedora bug #534047 contains an interesting Fedora 12 surprise: “PackageKit allows you to install signed content from signed repositories without a password by default. It only asks you to authenticate if anything is unsigned or the signatures are wrong.” So any user can install any package found in the official repository. Some Fedora developers, at least, seem to see this as a feature; see this rapidly-growing thread for the discussion…