| |||||||||||||
|
| |||||||||||||
Fedora 12 lets unprivileged users install packagesFedora 12 lets unprivileged users install packagesPosted Nov 19, 2009 9:45 UTC (Thu) by lkundrak (subscriber, #43452)Parent article: Fedora 12 lets unprivileged users install packages
To those who complain: I'm just wondering, how many of you have potentially malicious local users?
And those who do, is there anyone who was, until now, using completely default installations without locking down anything (such as ability to shut down or suspend the system when a single local user, removing ability to automount media, etc.)?
(Log in to post comments)
Fedora 12 lets unprivileged users install packages Posted Nov 19, 2009 16:46 UTC (Thu) by cry_regarder (subscriber, #50545) [Link]
I'm not worried about malicious users. I'm worried about household guests and family members.
If this switch is on, you can't leave your media (mythtv for example) computer alone with a guest even for 5 minutes! How suckitude is that?
Hence, if you ever have guests in your house and you might want to go to the bathroom while they are there (say using a guest account to surf the web), you must disable this feature. Since the vast majority (73.2%) of home users fall into this category, the majority of users should disable this feature. However we know that the majority of users (97.32%) never disable any default feature until they've been reamed.
Fun.
The really annoying thing is that the fedora devel list is clogged up by pages upon pages upon pages of this thread.
Fedora 12 lets unprivileged users install packages Posted Nov 19, 2009 17:09 UTC (Thu) by lkundrak (subscriber, #43452) [Link]
> I'm not worried about malicious users. I'm worried about household guests and family members.
Are you well aware that with physical access they're able to do anything anyway? In most setups family members can. When it comes to guests, the right tool for you is xguest -- you'll get a locked-down desktop for guests with no extra configuration at all.
For the rest of setups you can still change the policy; point is that defaults are sane for most setups.
Fedora 12 lets unprivileged users install packages Posted Nov 19, 2009 20:48 UTC (Thu) by jgarzik (subscriber, #8364) [Link]
Are you well aware of decades of Unix history?
Doing malicious or stupid things with physical machine access typically requires a modicum of effort, and often leaves obvious evidence behind.
With F12, all you need is a mouse click. The bar is substantially lowered.
|
|
||||||||||||