Jeff Garzik (jgarzik@xxxxxxxxx) said: > Sorry, but this default (desktop users can install pkgs without > root) is just stupid. It is antithetical to all standard security > models that have come before in Fedora and other Linux > distributions. Out of the box, a desktop user has the ability to shut down the machine. This gives them the ability, out of the box, to: - DoS everyone on it - get a root shell -- install whatever they want -- put viruses on - hell, slap in a livecd or USB key and reinstall the box It's a behavior change, for sure. For people who want to lock down their systems, it's a default they will need to be able to change, and they should have been able to discover it through the normal mechanisms for that. (i.e., the release notes.). It likely should have been discussed when it was introduced - it's obviously not something that's applicable to all usage cases for the OS. But really, given that users out of the box can do *far far worse*, I'm not seeing the 'shameful', 'antithetical', OMG THE SKY IS FALLING AND YOU ALL SHOULD BE DRAWN AND QUARTERED sort of angst. Maybe people are tired of bagging tea and want new things to be outraged about. Bill -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
