ACL removal day?!
Peter Jones
pjones at redhat.com
Wed Jun 20 14:36:50 UTC 2007
Thorsten Leemhuis wrote:
> On 19.06.2007 19:24, Steve Grubb wrote:
>> This needs to be clear. Its for security. If you take all ACLs off the
>> packages and an account becomes compromised, the attacker can get to
>> everything.
>>
>> Please keep the ACLs by default so that there is not a window where a package
>> is left unguarded if it needed to be.
>
> I'd say we should work towards a middle ground -- ACLs by default, but
> create some kind of "trusted contributers group (say sponsors, FESCo
> members and packagers with more then 25 packages) that get access
> everywhere.
I'm just playing devil's advocate here, but I don't think Steve is
worried about what I might do to your precious, precious packages. He's
worried about what the guy who roots my laptop in a coffee shop might do
to them.
(In Eastern Massachusetts, the odds are actually fairly high that
there's more than one coder geek in any given coffee shop at a time.
Some of them are Debian users. Think about it...)
--
Peter, who knows of no attacks on his laptop by Debian users.
More information about the Fedora-maintainers
mailing list