Security Changes For Fedora 9

[Tomas Hoger]

On Sat, 5 Jan 2008 14:57:44 -0700 Kevin Fenzi <kevin at tummy.com> wrote:

> Well, as you say, you need to make sure we force the user to make a
> regular account first, currently thats not being done. You can do a
> new install and not create a user account. 

Problem is that you can not create unprivileged account in the
installer, IIRC.  You are asked whether you want to create normal user
by firstboot, after system was rebooted.  But that screen is usually
not seen by users doing kickstart or vnc installation, as was pointed
out by Tomas Mraz.  So changing the default value to 'no' would mean
that those users will have no way to log into newly installed systems
(assuming those methods are frequently used for remote installs with
no or limited physical access).

But yes, it's usually good idea to change that value once you have
normal account configured.

> I find root ssh login handy for a number of reasons: 
> - You can have some family member or friend who trusts you to fix
> their linux install allow your ssh key to login as root, then you
> never need to know any passwords on their system or have a useless
> normal account there.

You may want to look at:

PermitRootLogin without-password  and/or  forced-commands-only
 
> > In regards to the GCC lockdowns, it was my understanding that
> > sometimes hackers use our own compilers against us by logging in as
> > a normal user, using gcc to build their hacktools, and then using
> > the built tools to compromise root.  Is this something that is no
> > longer done?  Just curious.

As explained in other reply, with bunch of interpreters installed, this
"hole" is quite hard to plug and probably not worth the effort /
trouble.  And if an attacker is able to download sources of his
hacktools to your computer, he can probably download binaries as well.

Given the small benefits of such change, this probably won't happen
soon.

-- 
Tomas Hoger