[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Security policy oversight needed?



On Thursday 19 November 2009 06:45:51 am Richard Hughes wrote:
> 2009/11/19 Rahul Sundaram <sundaram fedoraproject org>:
> > Right. The alternative really is defining the roles and the target
> > audience clearly for distinct set of policies and allowing the user to
> > trivially select it during or post-installation.
> 
> I disagree, most people will just go for the default option without
> understanding the subtle nuances of what they are being asked.

So the default option should be the more secure option.  The PackageKit policy 
was a major change, and someone who was naively clicking through the installer 
should not be surprised by such things.

> > So if I pick "personal desktop", the change you made makes sense. If on
> > the other hand, I choose "workstation" profile, I would obviously need a
> > more locked down profile.
> 
> Surely if you're deploying a workstation (1000s of workstations?) you
> would just ship an extra package that set the PolicyKit policies
> according to the domain policy,

It is not so black and white.  If I managing computers as a side favor, I may 
very well upgrade everyone to Fedora 12 without taking the time to look 
through these sorts of sweeping changes, and just do a quick test to make sure 
everything that used to work is still working.  This is not a very uncommon 
situation, especially since not all Fedora users are experience at 
administrating systems.

The problem here is that not everyone was on board with the "single user 
desktop" target.  I would not say it is unreasonable to miss this detail, 
since Fedora is periodically used as a base for RHEL, which is certainly not a 
single user desktop system.

> The real argument is what set of users upstream software should
> target. There's an argument for upstream to default to "no" for all
> actions and for the admin to install a policy for "desktop",
> "workstation" etc, but then there's just the related problem of what
> policy package to choose by default for "Fedora".

Maybe there should just be a separate spin for "single user desktops," and it 
could be called "Fedora Home User Spin."

-- Ben



-- 
Message sent on: Thu Nov 19 09:59:13 EST 2009

Attachment: signature.asc
Description: This is a digitally signed message part.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]