Comment 432 for bug 332945

On Mon, 2009-08-17 at 15:04 +0000, Rajeev Nair wrote:
>
> Any user who knows the admin password can install updates,

That's a pretty long stretch -- assuming that all users have the admin
password. This is *exactly* the mentality that has lead to millions of
windows machines being exploited and botnet soldiers. "Users" should
not have the admin password.

> so iam not
> sure what you mean by 'update manager appears for users who dont have
> permission to install'

Again, not all users have admin rights. You need to stop thinking about
the simplistic case of "home user" that installs Ubuntu on their own
machine. In a properly managed corporate environment, the "users" won't
have admin rights.