My package manager (KPackageKit) seems to be able to install updates without authentication. (Installing new packages does prompt for a password, it's only the updates) This is on a fairly recent clean installation of Kubuntu 10.04, and I haven't made any big changes to anything. I've searched around, and I can't really tell whether this is supposed to be happening. The consensus seems to be "Switch to synaptic," but my concern is this: Somehow, a program was able to edit root files without any authentication. How is that even possible? What should I do about it? Thanks!