[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PackageKit policy: background and plans

On 11/23/2009 01:24 PM, Gregory Maxwell wrote:

> I haven't tried the the fast user switching in fedora... Hopefully it is
> using some kernel mode secure path to prevent users from stealing each others
> credentials, if it isn't then one should be established for it. Why not use the
> same facility to switch to a system administration desktop, locked down a bit by
> default (use SE linux to make various unsafe user tasks like firefox,
> open office, etc unable to run in this admin context) to discourage
> casual use.

Wait, you're arguing for this *instead* of finer-grained elevations of privilege
governed by policy files which can be locally overridden safely?

> Surely this would be preferable to reducing the security against
> common casual threats.

I think you've characterized things backwards here.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]