[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Local users get to play root?





On Wed, 18 Nov 2009, Bruno Wolff III wrote:

On Wed, Nov 18, 2009 at 23:18:28 +0530,
 Rahul Sundaram <sundaram fedoraproject org> wrote:
On 11/18/2009 11:19 PM, nodata wrote:


Thanks. I have changed the title to:
"All users get to install software on a machine they do not have the
root password to"

.. if the packages are signed and from a signed repository. So, you left
out the important part. Explain why this is a problem in a bit more
detail.

Besides other issues listed, the packages being installed may be privileged
programs that the admin doesn't want on the system, may start services or
schedule runs at specified times by default which might considered a
problem by the admin, the extra packages may use up too much disk space
and cause problems.

If there are pkgs which run daemons which are defaulting to ON when installed or on next reboot - then we should be auditing those pkgs. Last I checked we default to OFF and that should continue to be the case.

-sv


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]