On 11/18/2009 01:23 PM, Seth Vidal wrote:
On Wed, 18 Nov 2009, nodata wrote:
Am 2009-11-18 19:18, schrieb Colin Walters:
This is a major change. I vote for secure by default.
If the admin wishes this "surprise-root" feature to be enabled he can
enable it.
I'm not sure how this is 'surprise root'. IT will only allow installs of
pkgs signed with a key you trust from a repo you've setup.
which pretty much means: if the admin trusts the repo, then it is okay.
if the admin doesn't trust the repo it should NOT be on the box and
enabled b/c an untrusted repo can nuke your entire world.
By your own adminssion, we are talking about DESKTOP USERS.
How little social engineering + virus automation does it take to get
such an install to include a malicious 3rd party repo?
Jeff
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list