On 8/20/07, <b class="gmail_sendername">David Zeuthen</b> &lt;<a href="mailto:davidz@redhat.com">davidz@redhat.com</a>&gt; wrote:<div><span class="gmail_quote"></span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>So, like it or not, we simply need to engineer the security of the<br>operating system such that untrusted code running in your desktop<br>session can do as little harm as possible. </blockquote><div><br>Ok we&#39;re pretty far afield here but I don&#39;t disagree with anything you&#39;re saying here - all that work would help - but it doesn&#39;t change my opinion that by far the biggest bang for the buck in terms of security is making sure we get updates as painlessly (well tested etc.) as possible.&nbsp; And hence, that&#39;s why we should not have any password prompts for updating.
<br><br><br></div></div><br>