Re: Security testing: need for a security policy, and a security-critical package process

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On Mon, 23 Nov 2009, Matthias Clasen wrote:

On Mon, 2009-11-23 at 18:31 -0500, Seth Vidal wrote:

Otherwise we open ourselves up to a less-secure-by-default posture in an
average install.

We've been in that position in the past and it is not a favorable place to
be.


We should just avoid to sink tons of QA resources in verifying that a
theoretical 'unprivileged user' can do nothing, when that role is not
something anybody would want to use anyway (because it can do nothing)
and is not the role that most users will actually end up with in a
typical desktop install.

If someone installing/deploying fedora (or a fedora-derived spin) wants to configure a specific user or a set of users to have greater power, then they should be able to do that.

The default as shipped in our packages should not empower users significantly.

Default strict, configure relaxed.

-sv



--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux