Local users get to play root?
Seth Vidal
skvidal at fedoraproject.org
Wed Nov 18 18:04:23 UTC 2009
On Wed, 18 Nov 2009, Jon Ciesla wrote:
> Seth Vidal wrote:
>>
>>
>> On Wed, 18 Nov 2009, Jon Ciesla wrote:
>>
>>> nodata wrote:
>>>> Am 2009-11-18 18:08, schrieb nodata:
>>>>> Yikes! When was it decided that non-root users get to play root?
>>>>>
>>>>> Ref:
>>>>> https://bugzilla.redhat.com/show_bug.cgi?id=534047
>>>>>
>>>>> This is horrible!
>>>>>
>>>>
>>>> Just to elaborate:
>>>>
>>>> A local user is allowed to install software on the machine without being
>>>> prompted for the root password.
>>>>
>>>> This is a recipe for disaster in my opinion.
>>>>
>>> So much for granting shell access on my servers. . .
>>
>> You have PackageKit installed on servers? really?
>>
>>
>> -sv
>>
> I do if it's in the default DVD install, or was pulled in in an upgrade.
> I've never intentionally installed it, and yes I do. Never imagined it would
> be a problem. I'll remove it.
>
Maybe you and I have a different concept of 'Servers'. But I tend to
install @core only and then remove items whenever I can for a server.
If it is a bad day I'll install X b/c something requires it but for
servers I try to avoid anything beside the barest minimal I can have.
-sv
More information about the fedora-devel-list
mailing list