Re: Local users get to play root?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2009-11-18 at 13:41 -0500, Konstantin Ryabitsev wrote:
> 2009/11/18 Simo Sorce <ssorce@xxxxxxxxxx>:
> > On Wed, 2009-11-18 at 13:19 -0500, Konstantin Ryabitsev wrote:
> >> This significantly limits the number of users with powers to install
> >> signed software -- almost to the point of where it sounds like a fair
> >> trade-off. If someone has physical access to the machine, then heck --
> >> it's not like they don't already effectively "own" it.
> >
> > Most of my users wouldn't be able to "own" it even if I let a root shell
> > open, but they would definitely be able to install or remove packages
> > using the GUI.
> >
> > The difference is huge.
> 
> If I have physical access to your machine, I'll own it. I may have to
> use tools to get to the HDD, but it's only a question of time and
> dedication.

*you* are not one of my users, and this has nothing to do with *you*
hacking in my machine. If I have physical access to a machine I do not
even care about what's installed on it. In 99% of the cases I will just
be able to boot from a live cd. That's a completely different issue.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux