On Wed, 21 Nov 2012 15:38:25 +0100
lee <lee@xxxxxxxxxxxxxxx> wrote:

> Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> writes:
> > On Wed, Nov 21, 2012 at 12:37:47PM +0100, lee wrote:
> >> > For example, a timezone applet can show you the time as a
> >> > regular user and only require extra authentication to change it.
> >> Regular users must not change the system time. It's on UTC and
> >> kept on track with chrony.
> >
> > Well, exactly. That's why you would need extra authentication to
> > change it.
>
> Users are not supposed to change it at all, not even with extra
> authentication.

System time is not the hardware clock (which is always on UTC), but
rather UTC plus local timezone offset. Changing the timezone is a common
thing when traveling with a laptop, and it requires extra authentication.

> What difference does it make which password is supplied when with the
> password things can be done that are relevant for security? Why
> should I give my password again when I'm already logged in and the
> system knows who I am?

Someone else might sit in front of your machine while you are
momentarily away, and try to perform some security-related operation.
The system needs to make sure it is really you, every time, regardless
of the fact that you are already logged in.

> > If you have an alternate implementation that solves the problems
> > polkit was meant to solve in a demonstrably better way, develop the
> > code and propose it as a Feature for a future Fedora.
>
> The alternate implementation is su. It's much simpler and more secure
> already by being much simpler than polkit. It's also much more
> efficient. Polkit is insecure by design because it gets users used to
> entering their password everywhere.

If you do a "su -c someapp", then that app runs with root privileges,
and *everything* it does --- it does as root.
When an app interacts with polkit, after you provide the root password,
polkit allows the app to do *only* *one* *particular* *action* as root,
rather than everything. So the app can elevate its privileges in a more
controlled way, only when necessary and only for what is necessary.

HTH, :-)
Marko
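
The per-action decision described in the reply above, written as a rule in polkit's JavaScript rule syntax. This is an added example, not part of the original post: the small `polkit` object and the `decide` helper are stand-ins constructed so the rule runs under Node, and the policy chosen for each action, along with the sample subjects, is an assumption.

```javascript
// Stand-in for the `polkit` global that polkitd provides to rules files,
// constructed here so the rule below runs under Node. In a real file under
// /etc/polkit-1/rules.d/ only the polkit.addRule(...) call would appear.
const polkit = {
  Result: { NO: "no", YES: "yes", AUTH_SELF: "auth_self",
            AUTH_ADMIN: "auth_admin", NOT_HANDLED: "not_handled" },
  rules: [],
  addRule(fn) { this.rules.push(fn); },
};

// The rule: one decision per action id, never a blanket "run as root".
polkit.addRule(function (action, subject) {
  switch (action.id) {
    case "org.freedesktop.timedate1.set-timezone":
      // Traveling-laptop case: allowed, but only from the active local
      // session and only after administrator authentication.
      return subject.local && subject.active
        ? polkit.Result.AUTH_ADMIN
        : polkit.Result.NO;
    case "org.freedesktop.timedate1.set-time":
      // Assumed site policy: the clock is kept by chrony, so always refuse.
      return polkit.Result.NO;
    default:
      // No opinion: every other action is left to other rules or defaults.
      return polkit.Result.NOT_HANDLED;
  }
});

// Hypothetical helper for this example: the first rule with an opinion wins.
function decide(actionId, subject) {
  for (const rule of polkit.rules) {
    const result = rule({ id: actionId }, subject);
    if (result && result !== polkit.Result.NOT_HANDLED) return result;
  }
  return polkit.Result.NOT_HANDLED;
}

// Constructed sample subjects.
const atConsole = { user: "alice", local: true, active: true };
const remote = { user: "alice", local: false, active: true };

console.log(decide("org.freedesktop.timedate1.set-timezone", atConsole));
console.log(decide("org.freedesktop.timedate1.set-timezone", remote));
console.log(decide("org.freedesktop.timedate1.set-time", atConsole));
```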