On Sat, 21 Nov 2009, Matthew Garrett wrote:

> > worked without a password or login or anything. For the envisioned
> > 'desktop' model is there a reason to have multiple users for the
> > default? Is there a reason to have anything but root?
>
> Yes. There's a range of acts that root is able to perform that even an
> admin user should not be able to perform without extra authentication.
> It's not even necessarily related to security - I don't want a bug in
> firefox resulting in it trying to write to /dev/sda rather than a file
> in my home directory, for instance.

This needs to be enforced at the OS level, with an analyzable policy, so you can determine if this is possible or not.

"Install all signed packages from a Fedora repository" may indeed include the ability to write to /dev/sda -- nobody really knows and you have no way to find out. Also, it should certainly be possible while the operation is running at full privilege.

- James
--
James Morris <jmorris@xxxxxxxxx>

--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list