[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Local users get to play root?



On Wed, 2009-11-18 at 19:34 -0500, Jeff Garzik wrote:

> IFF this feature was listed as a question in firstboot,

This is generally considered to be a bad way of organizing things.
Asking people vague questions about the intended role of the system or
the intended nature of a given user account is a great way to confuse
them into making the wrong choice, especially since it wouldn't be at
all obvious what the actual impact of each choice would be. I don't
think that's the answer here. (frankly I'm a bit dubious about the plan
to introduce a simplistic 'user / administrator' paradigm, but that's a
wider topic).

> and IFF this feature was explained in detail in release notes, then there 
> would have been no problem at all...

it is now :)
http://docs.fedoraproject.org/release-notes/f12/en-US/html/sect-Release_Notes-Security.html (but yes, obviously this should have happened way before release)

> You also omitted the case where admins of servers upgrade into a less 
> secure policy.  PackageKit presence does not imply desktop user.

i'm really not losing any sleep about that vector. if your server allows
untrusted people to have local login access it is a badly configured
server and you probably have more severe problems to worry about. the
impact on _non_-server machines is more significant, to my mind.

-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]