LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Re: Security or Convenience? Defining a better policy

[Posted May 23, 2012 by jake]

From:  Marguerite Su <i-AT-marguerite.su>
To:  Andreas Jaeger <aj-AT-suse.com>
Subject:  Re: Security or Convenience? Defining a better policy
Date:  Tue, 22 May 2012 21:40:44 +0800
Message-ID:  <CAK0PdAkxCxXkHOVYpzENo9be+swgt51+90ixF8pWu-70Br94Aw@mail.gmail.com>
Cc:  opensuse-factory <opensuse-factory-AT-opensuse.org>
Archive-link:  Article, Thread 

On Tue, May 22, 2012 at 8:48 PM, Andreas Jaeger <aj@suse.com> wrote:
> I just put the following on my blog as well (http://jaegerandi.blogspot.de)
> and look forward to your help defining a better policy:
>
> The openSUSE security concepts have been changed gradually over the years
> with new tools like PolicyKit, PolKit and its usage in system tools.
>
> It's time now to step back, and review what we have and want.
>
> Marcus and Ludwig from the SUSE security team and myself have
> discusssed over the last weeks a bit and like to open this to a
> broader round now to get your help defining what needs to be done.
>
> = Challenges we face =
>
> Administrating a system in a secure way is always balancing the needs
> and requests of security, convenience and usability.  There's also the
> additional challenge that upstream projects often have a different
> view on either of these and therefore make different decisions and
> influencing upstream projects is quite often a difficult task.
>
> = Background =
> Linus Torvalds in his Google+ rant
> (https://plus.google.com/u/0/102150693225130002912/posts/1...)
>
> "I first spent weeks arguing on a bugzilla that the security policy of
> requiring the root password for changing the timezone and adding a new
> wireless network was moronic and wrong.
>
> I think the wireless network thing finally did get fixed, but the
> timezone never did - it still asks for the admin password.
>
> And today Daniela calls me from school, because she can't add the
> school printer without the admin password.
>
> ...
> So here's a plea: if you have anything to do with security in a
> distro, and think that my kids (replace "my kids" with "sales people
> on the road" if you think your main customers are businesses) need to
> have the root password to access some wireless network, or to be able
> to print out a paper, or to change the date-and-time settings, ..."
>
> = How to continue? =
>
> We've collected a couple of use cases for the administration of a
> local system at:
> http://en.opensuse.org/openSUSE:Security_use_cases
>
> For each use case we added a short security evaluation but in most
> cases don't give a recommendation on what to do.
>
> Call for action: Review and discuss
> http://en.opensuse.org/openSUSE:Security_use_cases using the following
> questions:
> * Are there any use cases missing?
> * Is there any thing missing in the specific use cases?
> * How can we solve these use cases so that a system is easy to setup
>  for the most common usage scenarios?
>
> Let's do the discussion on the opensuse-factory mailing list, I'll
> update the document with any improvements. Feel free to enhance it as
> well.
>
> Andreas
> --
>  Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi
>  SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
>   GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg)
>    GPG fingerprint = 93A3 365E CE47 B889 DF7F  FED1 389A 563C C272 A126
> --
> To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org
> To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
>

Hi, Andreas,

personally I think we'd better separate standard Linux server
environment from single-user  home desktop environment. they're
totally different....and desktop users are growing in recent years in
our forums(openSUSE is almost the only usable distro for home use)

eg: I would like YaST2 never ask me root password to install software,
since it's my laptop and no one else can use it...but it'll surely be
banned in a security expert's eyes, and I don't know how to adjust it
for myself

(no flame war like Linus did, of course I defend and vote for
openSUSE, but one comment in it is good for me: it's easier for
security persons to enable it than grandma to disable it)

so mix them up may generate no balanced results and may trigger
another flame war in our forums...

I hope we may/can have a package called polkit-default-home-use or
something to fulfill that kind of needs....of course too hurry for
12.2, may be later

Greetings

Marguerite
-- 
To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds