Local users get to play root?
nodata
lsof at nodata.co.uk
Wed Nov 18 17:57:53 UTC 2009
Am 2009-11-18 18:48, schrieb Rahul Sundaram:
> On 11/18/2009 11:19 PM, nodata wrote:
>
>>
>> Thanks. I have changed the title to:
>> "All users get to install software on a machine they do not have the
>> root password to"
>
> .. if the packages are signed and from a signed repository. So, you left
> out the important part. Explain why this is a problem in a bit more
> detail.
>
> Rahul
>
>
Why is it a problem? For all of the reasons that it has never been a
problem before. For the reason that the user is not the administrator or
the box, for the reason that the user is the user for a reason, for the
reason that by default Linux should act like Linux, for the reason that
the default is bad, for the reason that this is undocumented, for the
reason that it assumes automatic updates are enabled, for the reason
that the user is not the one with knowledge of the box and what
resources are available on it, for the reason that it may be against
corporate policy, for the reason of change management...
More information about the fedora-devel-list
mailing list