Local users get to play root?

Mike McGrath mmcgrath at redhat.com
Wed Nov 18 21:44:26 UTC 2009


On Wed, 18 Nov 2009, Jeff Garzik wrote:

> On 11/18/2009 01:28 PM, Seth Vidal wrote:
> > I didn't say it did - I said it didn't make sense to have items like PK
> > on servers.
>
>
> Listen to yourself.
>
> The above is a blatant admission that it is REALLY EASY for existing users to
> upgrade themselves into a security nightmare.
>
> 	* F11 w/ PK: requires root
> 	* F12 w/ PK: does not require root
>
> And you don't see any problem with this?
>

I can invent problems with this if I want to.  But I suspect that when F13
comes out, people will look back on F12 and find PK more usable not less
secure even though it is technically both.

	-Mike




More information about the fedora-devel-list mailing list