Re: few ideas how to make fedora better as a desktop

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On Thu, Mar 27, 2008 at 12:32 PM, Chris Adams <cmadams@xxxxxxxxxx> wrote:

bin vs. sbin is not at all a security measure, since users can already
run things in sbin just by using the full path (or adding the sbin dirs
to their PATH).
By default its not... but on a multiuser system you can restrict access the sbin directories
limiting access.. in a way that package updates don't revert your changes.

If our intent is to expose these binaries, and encourage a culture where normal users can expect access to these paths and the binaries in them, then it would make some sense to be sure we aren't creating an additional admin burden that forces admins to re-restrict access to paths that Fedora users come to expect.... for the sake of limiting access to a handle full of setuid'd binaries. 


-jef


-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux