Local users get to play root?
Richard W.M. Jones
rjones at redhat.com
Wed Nov 18 20:08:06 UTC 2009
On Wed, Nov 18, 2009 at 02:11:18PM -0500, Colin Walters wrote:
> On Wed, Nov 18, 2009 at 1:48 PM, Chris Adams <cmadams at hiwaay.net> wrote:
> >
> > It seems the latest way of doing this is via PolicyKit. IMHO all
> > PolicyKit configuration should be "secure by default",
>
> "secure" is an meaningless term without reference to a deployment
> model and threat model,
Chris gave you such a model:
On Wed, Nov 18, 2009 at 1:48 PM, Chris Adams <cmadams at hiwaay.net> wrote:
> Fedora has made a big push into the multi-user desktop (which many home
> computers are now) with things like fast user switching. In many such
> setups, not all users are considered "administrators" of the system
> (think parents and kids for example). However, Fedora continues to slip
> in (with no announcement and no documentation on how to change) things
> that allow the console user to be an administrator without any
> additional authentication.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
New in Fedora 11: Fedora Windows cross-compiler. Compile Windows
programs, test, and build Windows installers. Over 70 libraries supprt'd
http://fedoraproject.org/wiki/MinGW http://www.annexia.org/fedora_mingw
More information about the fedora-devel-list
mailing list