Local users get to play root?

Eric Christensen eric at christensenplace.us
Wed Nov 18 22:54:41 UTC 2009


On Wed, 2009-11-18 at 14:49 -0800, Adam Williamson wrote:
> On Wed, 2009-11-18 at 10:52 -0800, Jesse Keating wrote:
> > On Wed, 2009-11-18 at 13:22 -0500, James Antill wrote:
> > > 
> > > 7. And the most obvious one ... how hard is it to get a bad package into
> > > one of the repos. that the machine has enabled. 
> > 
> > Right, PK is counting on this being sufficiently difficult enough to
> > prevent bad things from happening.  While I'd like to think that, and
> > would like to say that, I can't.
> 
> I do not see how that's relevant, frankly. For it to be relevant it
> would have to be true to state that, if you need root privileges to
> install signed packages, it's absolutely no problem if a signed package
> is evil. Obviously, that's not at all true. An evil 'trusted' package
> would be a Very Bad Thing in any case. Whether you need to be root to
> install a trusted package or not is entirely orthogonal, as far as I can
> see.
> 
> -- 
> Adam Williamson
> Fedora QA Community Monkey
> IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
> http://www.happyassassin.net
> 

I'd like to point out that there are trusted packages that I wouldn't
want my users downloading.  John is a good example but there are others.

Anyone requested that CVE yet?

--Eric
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20091118/2c5e0d5f/attachment.sig>


More information about the fedora-devel-list mailing list