Local users get to play root?

Adam Williamson awilliam at redhat.com
Thu Nov 19 04:27:15 UTC 2009


On Wed, 2009-11-18 at 20:20 -0600, Mike McGrath wrote:

> > 5) The people who want this new security policy should add an opt-in checkbox
> > in Anaconda or firstboot.

> Does anyone disagree with anything in 1-5?  It all sounds reasonable to
> me?

I disagree with 5, that's not a sensible or sustainable way to deal with
this kind of thing. At least not without some kind of coherent process.
Just throwing in single-issue checkboxes ad hoc is not the way to do
this - should we have fifty checkboxes for everything you can configure
users to be able to do or not able to do? If we're going to go down that
route, it needs to be a properly planned utility, something like
Mandriva's msec. Only, uh, probably better.

-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net




More information about the fedora-devel-list mailing list