Local users get to play root?

Jeff Garzik jgarzik at pobox.com
Thu Nov 19 00:36:23 UTC 2009


On 11/18/2009 07:34 PM, Jeff Garzik wrote:
> On 11/18/2009 07:23 PM, Bill Nottingham wrote:
>> Jeff Garzik (jgarzik at pobox.com) said:
>>> Sorry, but this default (desktop users can install pkgs without
>>> root) is just stupid. It is antithetical to all standard security
>>> models that have come before in Fedora and other Linux
>>> distributions.
>>
>> Out of the box, a desktop user has the ability to shut down the machine.
>> This gives them the ability, out of the box, to:
>> - DoS everyone on it
>> - get a root shell
>> -- install whatever they want
>> -- put viruses on
>> - hell, slap in a livecd or USB key and reinstall the box
>
> How is any of that justification for lowering the security bar to zero?
>
> All of those you list are more technically complex than the current F12
> behavior -- letting the kids or guests click a button.

And it ignores that remote exploits are now much easier, because remote 
non-root exploit + package install == remote root exploit.

	Jeff

More information about the fedora-devel-list mailing list