[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Local users get to play root?



On Wed, Nov 18, 2009 at 02:11:18PM -0500, Colin Walters wrote:
> On Wed, Nov 18, 2009 at 1:48 PM, Chris Adams <cmadams hiwaay net> wrote:
> >
> > It seems the latest way of doing this is via PolicyKit.  IMHO all
> > PolicyKit configuration should be "secure by default",
> 
> "secure" is an meaningless term without reference to a deployment
> model and threat model,

Chris gave you such a model:

On Wed, Nov 18, 2009 at 1:48 PM, Chris Adams <cmadams hiwaay net> wrote:
> Fedora has made a big push into the multi-user desktop (which many home
> computers are now) with things like fast user switching.  In many such
> setups, not all users are considered "administrators" of the system
> (think parents and kids for example).  However, Fedora continues to slip
> in (with no announcement and no documentation on how to change) things
> that allow the console user to be an administrator without any
> additional authentication.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
New in Fedora 11: Fedora Windows cross-compiler. Compile Windows
programs, test, and build Windows installers. Over 70 libraries supprt'd
http://fedoraproject.org/wiki/MinGW http://www.annexia.org/fedora_mingw


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]