Re: Local users get to play root?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 18 Nov 2009, Jeff Garzik wrote:


On 11/18/2009 01:28 PM, Seth Vidal wrote:

I didn't say it did - I said it didn't make sense to have items like PK
on servers.



Listen to yourself.
The above is a blatant admission that it is REALLY EASY for existing users to upgrade themselves into a security nightmare. 

	* F11 w/ PK: requires root
	* F12 w/ PK: does not require root

And you don't see any problem with this?



you're talking to the wrong guy.
I don't maintain PK. I don't work on PK. I don't have anything to do with it, in fact.
And you should listen to yourself. I'm saying: You want to run secure servers, then you have to know what's on the system. Not just what pkg, but what the pkg does.
This is why I said: It doesn't make sense to have programs like packagekit which are targeted at end users on servers. 

-sv



--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux