Security policy oversight needed?
Jeff Garzik
jgarzik at pobox.com
Thu Nov 19 00:43:54 UTC 2009
On 11/18/2009 07:37 PM, Mike McGrath wrote:
> I think that's too subjective though. I'd be more in favor of a simple,
> broad view of what the user should be able to do without root. It's
> possible "install packages" would be on that list, it's possible not.
> That way packages could ask themselves "does this break the policy?" If
> it doesn't, great. If it does, time for a bug report.
>
> Better then a review process because then everyone would generally know
> what to expect.
Agreed, that makes more sense and is more scalable.
Jeff
More information about the fedora-devel-list
mailing list