People's reaction to this is just stupid.
Posted Nov 19, 2009 12:49 UTC (Thu) by Tet
In reply to: People's reaction to this is just stupid.
Parent article: Fedora 12 lets unprivileged users install packages
Local users have physical access to your machine and thus they can trivially override any practical security mechanism you may have on your computer
Sure, they can override them, but it's not always trivial. On my machines, for example, they'd need to either get past the BIOS password to change the boot order, or physically open the machine up and change the boot disk. Both of which are possible, but not exactly trivial. It's all about the height of the bar. You seem to be claiming that because local access gives you an attack vector, it's fine to drop any additional security that might have been in place. That doesn't make sense to me. A determined attacker will always get in. But it's still worth protecting against the opportunist (and the ignorant).
Anyways if your having guest users you should have them use guest accounts
Guest accounts that are now capable of installing software without root access? I'm not sure what your point is here.
to post comments)