User: Password:
|
|
Subscribe / Log in / New account

Re: Local users get to play root?

From:  Seth Vidal <skvidal-AT-fedoraproject.org>
To:  Development discussions related to Fedora <fedora-devel-list-AT-redhat.com>
Subject:  Re: Local users get to play root?
Date:  Wed, 18 Nov 2009 17:40:37 -0500 (EST)
Message-ID:  <alpine.LFD.2.00.0911181739540.7308@localhost.localdomain>
Archive-link:  Article



On Wed, 18 Nov 2009, Richard Hughes wrote:

> 2009/11/18 Jeff Garzik <jgarzik@pobox.com>:
>> And this enormous security hole of a policy change was done with next to
>> /zero/ communication, making it likely that many admins will not even know
>> they are vulnerable until their kids install a bunch of unwanted packages.
>
> F11 had retained authorisations, which arguably were more of a
> security weakness. If rawhide had been signed during the F12 cycle
> everybody would have seen this change much earlier.
>
> If you're deploying F12, then I really think you should know the
> basics about PolicyKit.

Richard,
  to be fair, when I asked you how to edit a .pkla file you couldn't tell 
me.

So, if our engineers don't know the basics, how should our users?

-sv

-- 
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list



(Log in to post comments)


Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds