On Tue, 2006-01-10 at 11:59 -0500, Christopher Aillon wrote: > Well, we live in the real world, not the linux world. For example, on > my personal, privately owned laptop, I want to access Red Hat's VPN and > its WEP keys. I store my keys in the keyring. It is not unreasonable > for me to allow my sister, or my girlfriend, or whatnot to use my laptop > at times. However, they do not get access to Red Hat's internal > network. They have their own unpriveledged user accounts on my laptop. > I don't see how this is an unreasonable situation in the real world. Yet those people, if they have accounts on your laptop, _can_ access Red Hat's internal network any time your laptop is connected. Because you haven't set up iptables to do per-user filtering, have you? And anyway, I'm not suggesting that you shouldn't support the esoteric case of people kidding themselves that per-user keys are actually meaningful. I'm suggesting that you shouldn't _enforce_ that bizarre view; that you should at least make some allowance for the _normal_ case, which is per-system keys. -- dwmw2 -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list