Re: Local users get to play root?

Jeff Garzik <jgarzik@xxxxxxxxx> writes:

> The only thing that will fix the damage is to update PK, reverting the
> default-insecure policy.

Precisely. I didn't imagine anyone would come up with such an idea. Even MS
prompts for admin password, doesn't it? And I was told Fedora isn't more
lame when it comes to security than MS.

> May I remind folks that it is easy to UPGRADE INTO INSECURITY here.
> Admins with servers, coming from F10/F11, can very easily fall into
> this trap simply by updating their current systems.

This is not (only) about servers. Desktops have the same problems. E.g.
a family computer, or a classroom PC. And even on my "personal" station
I want the unprivileged IDs to not be able to perform administrative
tasks, because access to these "weaker" accounts may not be protected
well enough.


And if we say that installing additional packages can't easily
compromise system security (because e.g. network services are off by
default), then how on Earth can we say at the same time it's ok and "by
design" that installing a single non-network service program opens
a huge door for attacks?

Just admit this was a bug or maybe a backdoor and fix the "critical security
problem" ASAP.
-- 
Krzysztof Halasa

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
