[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Local users get to play root?

Am 2009-11-18 19:23, schrieb Seth Vidal:

On Wed, 18 Nov 2009, nodata wrote:

Am 2009-11-18 19:18, schrieb Colin Walters:

This is a major change. I vote for secure by default.

If the admin wishes this "surprise-root" feature to be enabled he can
enable it.

I'm not sure how this is 'surprise root'. IT will only allow installs of
pkgs signed with a key you trust from a repo you've setup.

which pretty much means: if the admin trusts the repo, then it is okay.

Err no. Admins trusts software he has chosen to install from the repo. I definitely don't want a user configuring an ftp server or running anything with a cronjob on a server I look after.

If software starts running on a server that I didn't put there, it gets taken offline.

But this is missing the point! PackageKit != non-server, abandon the defaults.

if the admin doesn't trust the repo it should NOT be on the box and
enabled b/c an untrusted repo can nuke your entire world.

It's not about trusting a repo, it's about trusting the user.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]