[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Fedora Feature Proposal: Yum Integration



On Thu, 2007-07-19 at 08:25 -0400, Matthew Miller wrote:

> For many systems, it'd be handy for users to be able to autheneticate with
> their own passwords, and then with those credentials add and remove *user
> level* software from known repositories with valid GPG keys, but still
> require root (or wheel group membership) to add or (and especially) remove
> system level software. That's useful -- but, as mentioned, kinda
> crack-ridden. (Partly, of course, because the distinction between user level
> and system level is very blurry.)

blurry? no it's completely non-existent. :)


> Right now, it's trivially easy to make it so you can run yum with your own
> credentials -- but it's not limited in any way. Doing this the right way
> (perhaps with oddjob) would be a bit of work, but doing it the easy but less
> secure way -- run as root, check for limitations -- could be done with a
> plugin.
> 
> As a first cut for policy
> 
>  1) users can't do anything that would cause a member of the Core or Base
>     groups to be removed
>  2) can add and remove packages from a list of groups like GNOME Desktop
>     Environment, Games and Entertainment, etc., as long as it doesn't
>     conflict with #1
>  3) can't do anything else
> 
> Perhaps the list of protected-from-removal packages would need to be
> expanded, but that's the basic idea.

This feels pretty scary. We'd constantly be moving the line to
accommodate varying levels of paranoia - and we'd have a big list we'd
have to keep current to make sure it wasn't outdated.

-sv



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]