ACL removal day?!
Ralf Corsepius
rc040203 at freenet.de
Wed Jun 20 14:56:58 UTC 2007
On Wed, 2007-06-20 at 10:36 -0400, Peter Jones wrote:
> Thorsten Leemhuis wrote:
> > On 19.06.2007 19:24, Steve Grubb wrote:
> >> This needs to be clear. Its for security. If you take all ACLs off the
> >> packages and an account becomes compromised, the attacker can get to
> >> everything.
> >>
> >> Please keep the ACLs by default so that there is not a window where a package
> >> is left unguarded if it needed to be.
> >
> > I'd say we should work towards a middle ground -- ACLs by default, but
> > create some kind of "trusted contributers group (say sponsors, FESCo
> > members and packagers with more then 25 packages) that get access
> > everywhere.
>
> I'm just playing devil's advocate here, but I don't think Steve is
> worried about what I might do to your precious, precious packages. He's
> worried about what the guy who roots my laptop in a coffee shop might do
> to them.
Nothing much.
1. He needs to be a Linux user
2. He needs to be deeply familiar with the Fedora build-system.
3. He will have to crack your passwords/ssh-phrases
If 1.-3. are fulfilled, with ACLs in effect he will be able to
compromise your packages. Without ACLs in effect he will be able to
compromise other packages than yours.
Ralf
More information about the Fedora-maintainers
mailing list