Comment 9 for bug 685215

Revision history for this message
Eliah Kagan (degeneracypressure) wrote :

@alainpannetier
You have misunderstood. Non-administrators cannot create user accounts (nor can they perform other administrative tasks). Being root is not the same thing as being an administrator. And the security model you are misunderstanding does not apply to Linux-based operating systems as a whole (just to some distributions, including Ubuntu), nor does it apply only to Linux-based operating systems. (For example, openSUSE doesn't use this security model, but Mac OS X does. And Debian formally supports this security model but also formally supports a different model.)

I Ubuntu, for many administrative tasks, administrators run programs as root with sudo (or its graphical frontends, gksu, gksudo, and kdesudo). Only administrators can do this--regular users cannot. For other administrative tasks, like creating/managing user accounts with users-admin, the PolicyKit daemon (which itself runs as root) is asked to perform administrative operations--it will only "agree" to perform them if the user who is asking is an administrator.

This bug is not a good place to discuss the general issue of how authentication is performed for administrative tasks. Please read https://help.ubuntu.com/community/RootSudo and http://en.wikipedia.org/wiki/PolicyKit if you have not done so already, and if you are still want to discuss or ask about this matter, please post a question (https://answers.launchpad.net/ubuntu/+addquestion). You can post a link to the question here, and I'll make sure to subscribe to the question and to attend to it (if nobody else does first), but since the issue you have raised is not specifically about this bug, it should not be discussed further here. If you have questions about why this bug was marked Won't Fix, posting a question would also be the most appropriate way to ask about that.