Security policy oversight needed?
Chris Adams
cmadams at hiwaay.net
Thu Nov 19 01:11:19 UTC 2009
Once upon a time, Mike McGrath <mmcgrath at redhat.com> said:
> I think that's too subjective though.
What is subjective about "allowing unprivileged to do things that
previously only root could do"?
> I'd be more in favor of a simple,
> broad view of what the user should be able to do without root. It's
> possible "install packages" would be on that list, it's possible not.
> That way packages could ask themselves "does this break the policy?" If
> it doesn't, great. If it does, time for a bug report.
There have been bug reports, but they get closed by the maintainers as
NOTABUG, so that procedure is obviously not working.
--
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
More information about the fedora-devel-list
mailing list