Re: Local users get to play root?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On Wed, 18 Nov 2009, Jeff Garzik wrote:

On 11/18/2009 01:28 PM, Seth Vidal wrote:
I didn't say it did - I said it didn't make sense to have items like PK
on servers.


Listen to yourself.

The above is a blatant admission that it is REALLY EASY for existing users to upgrade themselves into a security nightmare.

	* F11 w/ PK: requires root
	* F12 w/ PK: does not require root

And you don't see any problem with this?


you're talking to the wrong guy.

I don't maintain PK. I don't work on PK. I don't have anything to do with it, in fact.

And you should listen to yourself. I'm saying: You want to run secure servers, then you have to know what's on the system. Not just what pkg, but what the pkg does.

This is why I said: It doesn't make sense to have programs like packagekit which are targeted at end users on servers.

-sv



--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux