[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Local users get to play root?



On 11/19/2009 12:16 PM, Simon Andrews wrote:
Bill Nottingham wrote:
Jeff Garzik (jgarzik pobox com) said:
This sounds like a tacit admission that the default install for
servers is bloody stupid (== same as desktop), unless the admin
REMOVES packages we helpfully installed on the server system.

PackageKit has only ever been included in destkop package groups.
While these groups are enabled by default, they are with the caveat of:

"The default installation of Fedora includes a set of software
applicable for general internet usage."

I've just been and checked on our servers, which were installed with
minimal packages and never used for desktop activities and found two of
them with PackageKit installed.

Looking at the dependencies there is nothing on those machines which
currently requires PackageKit so it could be cleanly removed, but
something has pulled this in as a dependency in the past.

Both of these machines have been through sequential upgrades from around
FC3.

Changing the behaviour of PackageKit would certainly affect me and I've
never explicity installed it.

Indeed.  This issue is giving Fedora a major black eye in security.

And this major security issue -- where admins upgrade into insecurity -- is just hand-waved away even though it applies to a lot of situations.

As Kevin K noted, it is completely illogical that the presence or absence of a package (PackageKit) dictates security, or lack thereof.

Desktop spin or not, you need to prompt for a root password by default, unless the user has opted INTO a lowered security policy.

Ironically, even Microsoft Windows Vista is smart enough to ASK if you want a loose or tight security policy. Fedora 12 just assumes you want a loose policy.

	Jeff



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]