Local users get to play root?
Adam Williamson
awilliam at redhat.com
Fri Nov 20 18:38:41 UTC 2009
On Fri, 2009-11-20 at 10:50 -0500, Bill Nottingham wrote:
> Benny Amorsen (benny+usenet at amorsen.dk) said:
> > > If there are pkgs which run daemons which are defaulting to ON when
> > > installed or on next reboot - then we should be auditing those pkgs.
> > > Last I checked we default to OFF and that should continue to be the
> > > case.
> >
> > Is there a blanket prohibition on daemons defaulting to ON or are some
> > (presumably considered vital) daemons exempt? I ask because cronie
> > defaults to ON.
>
> It's not a blanket prohibition. (See also opensshd, rsyslog, etc.)
Additionally, I believe it applies only to daemons which are configured
to be remote-accessible by default. I don't believe cronie is.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net
More information about the fedora-devel-list
mailing list