On Wed, Jul 09, 2008 at 10:37:27AM +0100, Daniel P. Berrange wrote:
After discussions with policykit maintainers I've come to the conclusion that it is better for security if we default to 'auth_admin_keep_sesion' instead of 'auth_self_keep_session'. ie prompt for the root password (ala 'su') instead of the user's password (ala 'sudo'). This is because having access to libvirtd gives you very significant power over the host machine.
Secondly, newer versions of policykit have imposed a naming constraint on policy files, so when we install our policy it needs to be in a file called org.libvirt.unix.policy, instead of just libvirt.policy. So there's a change to the Makefile to support this.
Okay, sounds fine, +1 Daniel -- Red Hat Virtualization group http://redhat.com/virtualization/ Daniel Veillard | virtualization library http://libvirt.org/ veillard@redhat.com | libxml GNOME XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/