[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Local users get to play root?



nodata wrote:
> It doesn't make sense to define the security setup of a machine based on
> "oh well packagekit is installed, so it must be a desktop machine for
> which there is one or maybe two primary users who are all trusted to
> decide if they want to install software".

And the irony in all this is that this "the security requirements of the 
machine are defined by what packages are, or rather are not, installed" 
assumption is exactly what makes this very "feature" such a security risk!

        Kevin Kofler


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]