Local users get to play root?

Seth Vidal skvidal at fedoraproject.org
Wed Nov 18 18:23:52 UTC 2009



On Wed, 18 Nov 2009, nodata wrote:

> Am 2009-11-18 19:18, schrieb Colin Walters:
>
> This is a major change. I vote for secure by default.
>
> If the admin wishes this "surprise-root" feature to be enabled he can enable 
> it.

I'm not sure how this is 'surprise root'. IT will only allow installs of 
pkgs signed with a key you trust from a repo you've setup.

which pretty much means: if the admin trusts the repo, then it is okay.

if the admin doesn't trust the repo it should NOT be on the box and 
enabled b/c an untrusted repo can nuke your entire world.

-sv




More information about the fedora-devel-list mailing list