Local users get to play root?
Richard Hughes
hughsient at gmail.com
Wed Nov 18 22:38:13 UTC 2009
2009/11/18 Jeff Garzik <jgarzik at pobox.com>:
> And this enormous security hole of a policy change was done with next to
> /zero/ communication, making it likely that many admins will not even know
> they are vulnerable until their kids install a bunch of unwanted packages.
F11 had retained authorisations, which arguably were more of a
security weakness. If rawhide had been signed during the F12 cycle
everybody would have seen this change much earlier.
If you're deploying F12, then I really think you should know the
basics about PolicyKit.
Richard.
More information about the fedora-devel-list
mailing list