Local users get to play root?
Seth Vidal
skvidal at fedoraproject.org
Wed Nov 18 21:46:59 UTC 2009
On Wed, 18 Nov 2009, Jeff Garzik wrote:
> On 11/18/2009 01:23 PM, Seth Vidal wrote:
>>
>>
>> On Wed, 18 Nov 2009, nodata wrote:
>>
>>> Am 2009-11-18 19:18, schrieb Colin Walters:
>>>
>>> This is a major change. I vote for secure by default.
>>>
>>> If the admin wishes this "surprise-root" feature to be enabled he can
>>> enable it.
>>
>> I'm not sure how this is 'surprise root'. IT will only allow installs of
>> pkgs signed with a key you trust from a repo you've setup.
>>
>> which pretty much means: if the admin trusts the repo, then it is okay.
>>
>> if the admin doesn't trust the repo it should NOT be on the box and
>> enabled b/c an untrusted repo can nuke your entire world.
>
>
> By your own adminssion, we are talking about DESKTOP USERS.
>
> How little social engineering + virus automation does it take to get such an
> install to include a malicious 3rd party repo?
Not much.
Jeff, I think you're misunderstanding, a lot, here. I'm not in favor of
user-can-install-pkgs. I'm just explaining why I don't think pk should be
on servers.
-sv
More information about the fedora-devel-list
mailing list