Re: Initial draft of privilege escalation policy

Adam Williamson <awilliam@xxxxxxxxxx> writes:
> Here's a second draft, addressing several (not yet all) of the concerns
> raised about the first.
> ...
> The policy requires that any code which allows an unprivileged user
> account to perform, or cause to be performed, certain actions must
> require authentication as the root user prior to the action being
> carried out.

I think it would be a good idea if this were rephrased so that it did
not sound like "you must give the root password".  Spot's original blog
post specifically mentioned the case of sudo, and there might be other
similar means of authentication that should be considered to allow these
things.

(Unless the intention is to trash the usefulness of sudo, in which
case I'm going to start objecting loudly.)

The other point that sudo brings to mind is that there may be some
"distance" (for lack of a better word) between the authentication and
the authorized action.  I don't think the policy will be good for much
unless it tries to explain that concept and clarify just what amount of
separation we want to allow.

			regards, tom lane
-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test
