[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Local users get to play root?



On 11/18/2009 11:27 PM, Adam Williamson wrote:
On Wed, 2009-11-18 at 20:20 -0600, Mike McGrath wrote:

5) The people who want this new security policy should add an opt-in checkbox
in Anaconda or firstboot.

Does anyone disagree with anything in 1-5?  It all sounds reasonable to
me?

I disagree with 5, that's not a sensible or sustainable way to deal with
this kind of thing. At least not without some kind of coherent process.
Just throwing in single-issue checkboxes ad hoc is not the way to do
this - should we have fifty checkboxes for everything you can configure
users to be able to do or not able to do? If we're going to go down that
route, it needs to be a properly planned utility, something like
Mandriva's msec. Only, uh, probably better.

Your and Rahul's points are definitely well taken. Certainly quite a few know quite a bit more than I do, about where to put this "policy knob."

IMO #2 is the only urgent priority -- if this decision will be reverted (it should!), it should happen very soon, so that users can capture this in updates as soon after install as possible.

	Jeff




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]