Local users get to play root?

Jeff Garzik jgarzik at pobox.com
Thu Nov 19 00:34:42 UTC 2009


On 11/18/2009 07:23 PM, Bill Nottingham wrote:
> Jeff Garzik (jgarzik at pobox.com) said:
>> Sorry, but this default (desktop users can install pkgs without
>> root) is just stupid.  It is antithetical to all standard security
>> models that have come before in Fedora and other Linux
>> distributions.
>
> Out of the box, a desktop user has the ability to shut down the machine.
> This gives them the ability, out of the box, to:
> - DoS everyone on it
> - get a root shell
> -- install whatever they want
> -- put viruses on
> - hell, slap in a livecd or USB key and reinstall the box

How is any of that justification for lowering the security bar to zero?

All of those you list are more technically complex than the current F12 
behavior -- letting the kids or guests click a button.

IFF this feature was listed as a question in firstboot, and
IFF this feature was explained in detail in release notes, then there 
would have been no problem at all...

You also omitted the case where admins of servers upgrade into a less 
secure policy.  PackageKit presence does not imply desktop user.

	Jeff




