Once upon a time, Adam Williamson <awilliam@xxxxxxxxxx> said:
> I was being hand-wavy. :) Spot's blog says 'anything in /var/log', which
> isn't a bad definition, I guess. Can you think of anything better?

Users can write to (or cause entries to be appended to) any syslog log
files, since syslog listens on a socket (I don't think there's a way to
limit that).

One thing that jumps out at me about the way the policy is worded is
that it defines what is restricted (what you can't do) instead of what
is allowed (what you can do). This seems backwards to me; you'll always
be chasing some new thing that somebody implemented (e.g. the PackageKit
change that brought this about) that wasn't previously restricted.

If you define the only things that are allowed (e.g. "change own
password", "admin user install packages" (once "admin user" is defined),
and so on), then anything not explicitly allowed is "bad". If somebody
wants to implement something new (e.g. PackageKit), they need to get a
policy change approved.

When it comes to security, you want to define what is okay and assume
everything else is not okay; trying to think of all the not-okay things
in advance usually fails.

--
Chris Adams <cmadams@xxxxxxxxxx>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test