[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Local users get to play root?



On Wed, 2009-11-18 at 13:23 -0500, Seth Vidal wrote:
> I'm not sure how this is 'surprise root'. IT will only allow installs
> of 
> pkgs signed with a key you trust from a repo you've setup.
> 
> which pretty much means: if the admin trusts the repo, then it is
> okay.
> 
> if the admin doesn't trust the repo it should NOT be on the box and 
> enabled b/c an untrusted repo can nuke your entire world.

I may trust the repo, that doesn't mean I want to allow installation of
any package that happens to live on that repo.

The problem is the *Default* not the fact that you can consciously allow
users to update without a password.

On some machines I allow that no problem cause I explained the users how
to do things, on some others not, and most importantly I do that per
user.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]