[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Local users get to play root?



On 11/18/09 12:03, Konstantin Ryabitsev wrote:
2009/11/18 Simo Sorce<ssorce redhat com>:
If I have physical access to your machine, I'll own it. I may have to
use tools to get to the HDD, but it's only a question of time and
dedication.

*you* are not one of my users, and this has nothing to do with *you*
hacking in my machine. If I have physical access to a machine I do not
even care about what's installed on it. In 99% of the cases I will just
be able to boot from a live cd. That's a completely different issue.

Well, then we're violently agreeing about the same thing.

Anyway. It doesn't look like this is a change in Fedora policy,
because it clearly caught everyone off-guard. Looks like PK developer
made an executive decision and it's up to us to either issue an update
to revert to the previous behaviour, or to continue debating whether
allowing local console users to install trusted software from trusted
repositories is a sane security trade-off.

I haven't tried .. but does this this also include the capability for
my grade-school child to *remove* software using their account?
Like gcc?  glibc?  gdm?  All fun activities ...


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]