Local users get to play root?
Jon Ciesla
limb at jcomserv.net
Wed Nov 18 18:08:41 UTC 2009
Seth Vidal wrote:
>
>
> On Wed, 18 Nov 2009, Jon Ciesla wrote:
>
>> Seth Vidal wrote:
>>>
>>>
>>> On Wed, 18 Nov 2009, Jon Ciesla wrote:
>>>
>>>> nodata wrote:
>>>>> Am 2009-11-18 18:08, schrieb nodata:
>>>>>> Yikes! When was it decided that non-root users get to play root?
>>>>>>
>>>>>> Ref:
>>>>>> https://bugzilla.redhat.com/show_bug.cgi?id=534047
>>>>>>
>>>>>> This is horrible!
>>>>>>
>>>>>
>>>>> Just to elaborate:
>>>>>
>>>>> A local user is allowed to install software on the machine without
>>>>> being prompted for the root password.
>>>>>
>>>>> This is a recipe for disaster in my opinion.
>>>>>
>>>> So much for granting shell access on my servers. . .
>>>
>>> You have PackageKit installed on servers? really?
>>>
>>>
>>> -sv
>>>
>> I do if it's in the default DVD install, or was pulled in in an
>> upgrade. I've never intentionally installed it, and yes I do. Never
>> imagined it would be a problem. I'll remove it.
>>
>
> Maybe you and I have a different concept of 'Servers'. But I tend to
> install @core only and then remove items whenever I can for a server.
>
> If it is a bad day I'll install X b/c something requires it but for
> servers I try to avoid anything beside the barest minimal I can have.
>
> -sv
>
That's generally my MO as well. Sometime, however, as I have mostly
legacy hardware, some machines need to perform multiple functions.
Really, though sometimes it's nice to tunnel a GUI through SSH, if I
want to browse the repo that way. Usually yum search, etc is enough.
Sometimes it's not, quite.
--
in your fear, seek only peace
in your fear, seek only love
-d. bowie
More information about the fedora-devel-list
mailing list