On Wed, Nov 21, 2012 at 12:37:47PM +0100, lee wrote: > > This records secure log messages from the kernel, including SELinux alerts. > > You don't technically _need_ it, but these are important messages. > Why does it need it's own daemon rather than using /var/log/messages > where I might even see the messages? And aureport says there have been Because the syslog interface isn't secure. > 8765 events within 17 days. How am I supposed to keep track of that > with over 500 events per day in messages I never see? How would I > reasonably read these messages? That's a classic sysadmin's dilemma. It would be nice to have some good open source processing, analysis, and correlation tools. > Will it at least send me an email when something happens I should know > about? You could configure it that way. > So mcelog *might* be useful if I have problems with kernel panics, which > I don't. If you are certain your hardware will never have any problems in the future, or if you don't mind your system not responding to them properly, or if you're running in a VM, you can certainly turn it off. > > Polkit allows applications to use root permissions for fine-grained > > actions rather than running as root all the time. > So they become like 1/4, 3/8 or 1/2 root and do something only root should > be allowed to do? > > That increases security. > How? It seems to do the opposite. By only asking for and using privileged access when required. That's a fundamentally good idea. > > For example, a timezone applet can show you the time as a regular user > > and only require extra authentication to change it. > Regular users must not change the system time. It's on UTC and kept on > track with chrony. Well, exactly. That's why you would need extra authentication to change it. > > However, if you don't want or need this functionality, applications > > are supposed to gracefully fall back to requiring root. > So for example instead of ls or emacs becoming only 1/4 root, I would > have to run them as root? And if I don't run them as root, I'd have to Since neither ls nor emacs is written to use polkit, running them as root when you need to access a particular file is in fact the only option you have. > Neither ls nor emacs ever asked me for extra authentication. And how > would it increase security if I entered the password for root into > arbitrary applications whenever they ask me for it? It wouldn't. In a GUI, polkit has a distinctive, separate dialog box it uses to ask for authentication. It's absolutely true that spoofing this sort of dialog is a concern. > It certainly does decrease security getting users used to enter the root > password everywhere. Polkit should be deprecated. In the typical configuration on Fedora, users in the `wheel` group are asked to provide their *own* password for this sort of access. If you have an alternate implementation that solves the problems polkit was meant to solve in a demonstrably better way, develop the code and propose it as a Feature for a future Fedora. -- Matthew Miller ☁☁☁ Fedora Cloud Architect ☁☁☁ <mattdm@xxxxxxxxxxxxxxxxx> -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
