Re: What are these for?

On 21.11.2012 15:38, lee wrote:
> Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> writes:
>> Because the syslog interface isn't secure. 
> 
> How come?  Only root can read the logfile.

THE INTERFACE

it is not trustable which process generates / fakes a record
also you do not want all from /var/log/secure mixed in messages

>> That's a classic sysadmin's dilemma. It would be nice to have some good open
>> source processing, analysis, and correlation tools.
> 
> Since we don't have them, how useful is it?

useful enough because /var/log/secure is a more sensible
thing than "normal" messages from /var/log/messages

>>> Will it at least send me an email when something happens I should know
>>> about?
>>
>> You could configure it that way.
> 
> Is there some documentation about this?

man crontab
man grep
man echo

any output from an application / script started via crond
goes into a mail to root

> And how do you know or make sure that some software uses your password
> only for that?

if you do not trust the author do not use the software

but you refuse to understand the main difference having
things permanently running as root or only request root
pwd if it is really needed AND you can refuse to permit

> Users are not supposed to change it at all, not even with extra
> authentication.

so read manpages and restrict if things are allowed
the sudo way with users password and for the things
needing the root password: they CAN'T at all

> Then polkit doesn't do me any good.  Even if emacs and ls were using it,
> it would be very annoying having to enter a password all the time.

>> It wouldn't. In a GUI, polkit has a distinctive, separate dialog box it uses
>> to ask for authentication. It's absolutely true that spoofing this sort of
>> dialog is a concern.
> 
> So yes, it decreases security instead of increasing it.

NO how do you come to that conclusion?

it is about you if you enter root password in a
randomly popping up window

> What difference does it make which password is supplied when with the
> password things can be done that are relevant for security?  Why should
> I give my password again when I'm already logged in and the system knows
> who I am?

what about drive-by-attacks?
what about leaving the room for a minute and forgetting to lock the screen?
what about malware trying things with your current permissions

ANY security relevant task has to be confirmed with
a password independent if you are logged in or not

> The alternate implementation is su.  It's much simpler and more secure
> already by being much simpler than polkit.  It's also much more
> efficient.  Polkit is insecure by design because it gets users used to
> enter their password everywhere.

users entering their password EVERYWHERE have already lost
ANY security fight - sorry, but this argumentation is invalid
because ORDINARY user tasks do NOT request a password

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
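
The crontab/grep/echo approach named in the reply above, as an added example that is not part of the original message: a script that prints only new matching lines from a log, so that crond mails root only when something new appears. The script name, state-file path and match pattern are assumptions.

```shell
#!/bin/sh
# Added example: report only NEW matching log lines since the last run.
# It prints nothing when nothing is new, so crond sends no mail.
#
# Hypothetical root crontab entry (script path, state path and pattern assumed):
#   */10 * * * * /usr/local/sbin/secure-alert.sh /var/log/secure \
#       /var/lib/secure-alert.offset 'Failed password|authentication failure'

# new_alerts LOGFILE STATEFILE PATTERN
new_alerts() {
    log=$1
    state=$2
    pattern=$3

    # An unreadable log is itself worth a mail: complain on stderr.
    [ -r "$log" ] || { echo "cannot read $log" >&2; return 1; }

    # Number of lines already seen on the previous run (0 on the first run).
    last=0
    [ -f "$state" ] && last=$(cat "$state")
    case $last in ''|*[!0-9]*) last=0 ;; esac

    total=$(wc -l < "$log" | tr -d ' ')

    # Fewer lines than last time means the log was rotated or truncated:
    # start again from the top instead of silently skipping everything.
    [ "$total" -lt "$last" ] && last=0

    # Print only matching lines after the stored offset.
    # grep exits 1 when nothing matches; that is not an error here.
    tail -n "+$((last + 1))" "$log" | grep -E -- "$pattern" || [ $? -eq 1 ]

    # Remember how far we got for the next run.
    echo "$total" > "$state"
}

# Run stand-alone when called with exactly three arguments.
if [ "$#" -eq 3 ]; then
    new_alerts "$@"
fi
```

The state file should be writable by root only, otherwise another user can raise the stored offset and suppress the alerts.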