Local users get to play root?
Simo Sorce
ssorce at redhat.com
Wed Nov 18 18:22:58 UTC 2009
On Wed, 2009-11-18 at 23:29 +0530, Rahul Sundaram wrote:
>
> Should the defaults be targeted towards home users or corporate
> desktop
> considering the short lifecycle of Fedora and the target audience? I
> am
> not sure there are corporate deployments but wouldn't they be heavily
> customized their desktop deployments and kickstarting it anyway?
I am not a corporation yet *I* manage the machines I have at home, and
if *I* give an account to my friend foo *I* don't want him to be able to
install nothing without asking me first, not even by mistake.
For better of worse even desktop Linux is a multi-user system and this
default is just crap and totally unnecessary given the previous version
allowed you to allow a user forever explicitly and without hassles.
This way I have to *fsck* remember each time to change it, this is
*wrong*, it doesn't respect the basic philosophy of least surprise.
I would almost consider it a security vulnerability and ask for a CVE to
be issued.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the fedora-devel-list
mailing list