On Sun, 2006-04-02 at 03:45 +0100, Naheem Zaffar wrote: > and that could be very very dangerous... a single web browser flaw > could open up the full system to attack... How? > > ...Imagine visiting a page that installs a repository, and then > subsequently replaces core packages with compromised ones? The browser automatically installing packages just because you visited the page. You will have confirm to something and supply the root password and there is GPG keys to verify the source and there is SELinux to confine the amount of permissions that a browser has. > (there are a couple of security hurdles such as root password... but > never rely on the user to easily make the corrent judgement...) Making it harder to install packages is security through obscurity. In the near future, we are looking at a design for a system to get the least amount of permissions possible and automatically get and drop privileges Network Manager style. http://searchopensource.techtarget.com/tip/1,289483,sid39_gci1173575,00.html http://www.osnews.com/story.php?news_id=13904 Rahul -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
