[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Local users get to play root?



Eric Christensen (eric christensenplace us) said: 
> > It's a behavior change, for sure. For people who want to lock down their
> > systems, it's a default they will need to be able to change, and they
> > should have been able to discover it through the normal mechanisms for
> > that. (i.e., the release notes.). It likely should have been discussed
> > when it was introduced - it's obviously not something that's applicable
> > to all usage cases for the OS.
>
> You are assuming that the users have physical access to the box and also
> know how to get a root shell and that the box hasn't been hardened
> (before the PK vulnerability was known).

Sure, I said 'out of the box'. Out of the box none of those other
hardening steps are done either, which is why if this is a policy
that we want, it should be documented as a hardening step that can
be taken.

Bill


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]