Bill Nottingham wrote:
> Eric Christensen (eric@xxxxxxxxxxxxxxxxxxx) said:
>>> It's a behavior change, for sure. For people who want to lock down their
>>> systems, it's a default they will need to be able to change, and they
>>> should have been able to discover it through the normal mechanisms for
>>> that. (i.e., the release notes.). It likely should have been discussed
>>> when it was introduced - it's obviously not something that's applicable
>>> to all usage cases for the OS.
>> You are assuming that the users have physical access to the box and also
>> know how to get a root shell and that the box hasn't been hardened
>> (before the PK vulnerability was known).
>
> Sure, I said 'out of the box'. Out of the box none of those other
> hardening steps are done either, which is why if this is a policy
> that we want, it should be documented as a hardening step that can
> be taken.
>
> Bill
>

It would seem that a middle ground could be struck here. Why not set the default to require admin privileges, and once the credentials have been established provide a check box user choice to change to the behavior that doesn't require privileges. That way, out of the box it's a little more locked down, but easily changeable. This is a common UI pattern that you can see in many applications that have security implications... Firefox is a primary example.