[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Security policy oversight needed?



On Thursday 19 November 2009 10:51:19 am Richard Hughes wrote:
> 2009/11/19 Benjamin Kreuter <ben kreuter gmail com>:
> > I would not say it is unreasonable to miss this detail,
> > since Fedora is periodically used as a base for RHEL, which is certainly
> > not a single user desktop system.
> 
> Sure, and RHEL default policy will most likely be different to the Desktop
>  spin.

I would hope so!

My point was that there are plenty of people out there who might be sticking 
to assumptions about *nix from a decade ago, who could be managing small 
groups of desktops (30 or less).  I have seen this personally, and in most of 
those cases the root password was absolutely necessary for installing 
software.  Allowing non-root users to install updates is just at the border of 
what is OK for such circumstances, but allowing ordinary users to install new 
packages is definitely going to far.

A number of people have suggested now that "single user desktop" be one of 
many options.  There should at least be a "multiuser desktop" of some kind, 
with more restrictive policies in place, and it should not be hidden behind 3 
levels of hyperlinks.

-- Ben



-- 
Message sent on: Thu Nov 19 12:11:26 EST 2009

Attachment: signature.asc
Description: This is a digitally signed message part.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]