PackageKit policy: background and plans
Conrad Meyer
cemeyer at u.washington.edu
Fri Nov 20 05:26:53 UTC 2009
On Thursday 19 November 2009 09:09:15 pm James Morris wrote:
> On Thu, 19 Nov 2009, Owen Taylor wrote:
> > Among the decisions Richard made was allowing all users to install
> > signed packages from the Fedora repositories. This was clearly the right
> > behavior for the common case of a single-user system, where the only
> > user is also the administrator.
>
> I don't think this is clearly the right behavior at all.
>
> ...
>
> I think it's fair to say that having this happen as root would generally
> be worse than it happening as an unprivileged user. For the latter, the
> attacker would need to also then succeed with a local privilege escalation
> attack to the same effect.
On the contrary. On the typical single-user system, it's just as bad if an
attacker can steal / delete / modify the user's files as it is if the attacker
can modify / delete system files. Privilege escalation isn't needed to delete
everything the single user cares about.
Regards,
--
Conrad Meyer <cemeyer at u.washington.edu>