Re: PackageKit policy: background and plans

On Thursday 19 November 2009 09:09:15 pm James Morris wrote:
> On Thu, 19 Nov 2009, Owen Taylor wrote:
> > Among the decisions Richard made was allowing all users to install
> > signed packages from the Fedora repositories. This was clearly the right
> > behavior for the common case of a single-user system, where the only
> > user is also the administrator.
> 
> I don't think this is clearly the right behavior at all.
>
> ...
> 
> I think it's fair to say that having this happen as root would generally
> be worse than it happening as an unprivileged user.  For the latter, the
> attacker would need to also then succeed with a local privilege escalation
> attack to the same effect.

On the contrary. On the typical single user system, it's just as bad if an 
attacker can steal / delete / modify the user's files as it is if the attacker 
can modify / delete system files. Privilege escalation isn't needed to delete 
everything the single user cares about.

Regards,
-- 
Conrad Meyer <cemeyer@xxxxxxxxxxxxxxxx>

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
