Root login in rawhide and display managers
Richi Plana
myfedora at richip.dhs.org
Thu Sep 20 13:40:02 UTC 2007
On Thu, 2007-09-20 at 13:19 +0000, Kevin Kofler wrote:
> Richi Plana <myfedora <at> richip.dhs.org> writes:
> > Why would anyone want an application to run, anyway, that has the
> > potential of bringing down the system or accessing other users' files?
>
> Unfortunately, when you're the only user on the system, running your
> applications as your regular user won't help much, they can still eat all your
> files. You'd have to run applications like browsers as a different user to take
> advantage of the user-based security model, and I don't see many people doing
> that.
Yeah. And a user-based, micro-level SELinux policy would probably be
overkill. I suppose there's no point in restricting access of media
players to only multimedia files or write access to files not marked for
editing. There comes a point when the only solution is to fix the
application.
--
Richi Plana
More information about the fedora-devel-list
mailing list