Security policy oversight needed?
Mike McGrath
mmcgrath at redhat.com
Thu Nov 19 00:37:01 UTC 2009
On Wed, 18 Nov 2009, Simo Sorce wrote:
> On Wed, 2009-11-18 at 17:58 -0600, Chris Adams wrote:
> > Any package (whether new or an update) that adds/changes PolicyKit,
> > consolehelper, or PAM configuration, and anything that installs new
> > setuid/setgid executables, should require some additional third-party
> > review. Any significant changes that passes review should require some
> > minimum amount of advance notice and documentation on how to revert
> > (preferably in some common easy-to-find place in the wiki).
> >
> > Is this feasible?
>
> Looks like a very good idea to me.
>
I think that's too subjective though. I'd be more in favor of a simple,
broad view of what the user should be able to do without root. It's
possible "install packages" would be on that list, it's possible not.
That way packages could ask themselves "does this break the policy?" If
it doesn't, great. If it does, time for a bug report.
Better then a review process because then everyone would generally know
what to expect.
-Mike
More information about the fedora-devel-list
mailing list