Local users get to play root?
Adam Williamson
awilliam at redhat.com
Thu Nov 19 04:20:09 UTC 2009
On Wed, 2009-11-18 at 16:04 -0900, Jeff Spaleta wrote:
> And I think you missed my point. As we are learning..the hard way...
> sysadmins and spin developers can and should be encouraged to generate
> site specific policykit rules as part of hardening/softening ALL
> policykit enabled applications. You we really won't be able to rip out
> all the stuff using policykit. We're gonna have to digest the fact
> that policykit is there and start dealing with it in our setups and we
> are going to need some hand holding so we can do it effectively.
> PackageKit's policy is just the beginning of the learning curve here.
> It may not be server relevant as an application.. but the underlying
> issue about checking and configuring PolicyKit settings will be server
> relevant and unavoidable at some point.
I agree, but I also agree with those who said that this issue makes it
very clear we need to have some kind of process for setting a general,
project-wide policy for what kind of policies packages should set via
PolicyKit; this needs to be handled in a joined-up way and with the
involvement of the appropriate people (i.e. the security group), not
just on an ad hoc level by individual package maintainers. This should
be something the FESCo discussion should cover, I think. We need to have
a proper definition of our desired default security posture, and proper
oversight of the implementation of this. Especially now PolicyKit usage
is becoming (rightly!) widespread.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net
More information about the fedora-devel-list
mailing list