Re: Local users get to play root?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/18/2009 02:26 PM, Bob Arendt wrote:
On 11/18/09 12:03, Konstantin Ryabitsev wrote:
2009/11/18 Simo Sorce<ssorce@xxxxxxxxxx>:
If I have physical access to your machine, I'll own it. I may have to
use tools to get to the HDD, but it's only a question of time and
dedication.

*you* are not one of my users, and this has nothing to do with *you*
hacking in my machine. If I have physical access to a machine I do not
even care about what's installed on it. In 99% of the cases I will just
be able to boot from a live cd. That's a completely different issue.

Well, then we're violently agreeing about the same thing.

Anyway. It doesn't look like this is a change in Fedora policy,
because it clearly caught everyone off-guard. Looks like PK developer
made an executive decision and it's up to us to either issue an update
to revert to the previous behaviour, or to continue debating whether
allowing local console users to install trusted software from trusted
repositories is a sane security trade-off.

I haven't tried .. but does this this also include the capability for
my grade-school child to *remove* software using their account?
Like gcc? glibc? gdm? All fun activities ...


They sure can install all the naughty software you've forbidden on that machine.

	Jeff



--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux