Local users get to play root?

Steve Grubb sgrubb at redhat.com
Wed Nov 18 21:04:53 UTC 2009


On Wednesday 18 November 2009 01:35:30 pm Simo Sorce wrote:
> On Wed, 2009-11-18 at 13:23 -0500, Seth Vidal wrote:
> > I'm not sure how this is 'surprise root'. IT will only allow installs
> > of pkgs signed with a key you trust from a repo you've setup.
> >
> > which pretty much means: if the admin trusts the repo, then it is
> > okay.
> >
> > if the admin doesn't trust the repo it should NOT be on the box and
> > enabled b/c an untrusted repo can nuke your entire world.
> 
> I may trust the repo, that doesn't mean I want to allow installation of
> any package that happens to live on that repo.

I agree with this sentiment. It would be a huge surprise for setuid apps to 
suddenly start showing up on boxes.

> The problem is the *Default* not the fact that you can consciously allow
> users to update without a password.

And I wonder what the audit trail will show? Does it show which user installed 
these packages?
 
-Steve




More information about the fedora-devel-list mailing list