Re: Local users get to play root?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On Wed, 18 Nov 2009, Jon Ciesla wrote:

Seth Vidal wrote:


On Wed, 18 Nov 2009, Jon Ciesla wrote:

nodata wrote:
Am 2009-11-18 18:08, schrieb nodata:
Yikes! When was it decided that non-root users get to play root?

Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047

This is horrible!


Just to elaborate:

A local user is allowed to install software on the machine without being prompted for the root password.

This is a recipe for disaster in my opinion.

So much for granting shell access on my servers. . .

You have PackageKit installed on servers? really?


-sv

I do if it's in the default DVD install, or was pulled in in an upgrade. I've never intentionally installed it, and yes I do. Never imagined it would be a problem. I'll remove it.


Maybe you and I have a different concept of 'Servers'. But I tend to install @core only and then remove items whenever I can for a server.

If it is a bad day I'll install X b/c something requires it but for servers I try to avoid anything beside the barest minimal I can have.

-sv

--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux