On Thu, 2010-01-21 at 22:22 -0700, Kevin Fenzi wrote:
> On Thu, 21 Jan 2010 15:17:54 -0800
> Adam Williamson <awilliam@xxxxxxxxxx> wrote:
>
> > Here's a second draft, addressing several (not yet all) of the
> > concerns raised about the first.
>
> A few general comments:
>
> - Might be nice to number/letter/enumerate the items... so you can
> point to specific parts without excessive quoting.

The problem then is you're stuck with the ordering for evermore, as people expect that the numbers should never change. So you can't realize that you actually wanted to stick in another rule between 3 and 4. At least, not unless you call it 3.5 :)

> - Is it worth noting ConsoleKit/udev rules here that would give privs
> to local users that remote ones don't get?
>
> - Is it worth noting console users vs remote vs admin user types?

I was reluctant to do this, as during the PackageKit kerfuffle it became fairly clear that this isn't a distinction it's safe to rely on; there are mechanisms by which remote users can quite easily appear as local users. As long as that's the case I'm not sure we should draw this kind of distinction.

> - Is dbus security worth mentioning? system vs session and what users
> should be allowed, etc?

Er, details? :)

> > The [[QA]] team will check packages known to be capable of privilege
> > escalation for their compliance with this policy, both through manual
> > examination and automated testing via the AutoQA project.
>
> Would it be worth having some kind of automated script that can find
> packages that might need scrutiny? ie, anything with suid binaries,
> anything with polkit files, anything with consolehelper
>
> Sort of a critical path of security apps?

Yes, we've already been planning exactly this.

> Looks like ubuntu has a pretty bare/skeleton policy at:
> https://wiki.ubuntu.com/SecurityPolicy
> A few things there might be worth adding here.

Damn, the *one* I didn't check (I checked Debian, SUSE and Gentoo) - you're usually safe if you figure anything useful in Ubuntu is in Debian too. Sigh...thanks!

-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
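
The automated check proposed in the thread above (packages with suid binaries, polkit files or consolehelper), as an added example that is not code from the thread or from the AutoQA project: it reads rpm file metadata and reports which packages ship such files. The polkit and `console.apps` paths, the inclusion of setgid files, the function names and the `demo-*` sample records are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: flag packaged files that can grant or broker privilege.

# One tab-separated record per installed file: package, mode, path, symlink target.
# %{=NAME} repeats the package name for every file inside the [ ] iterator.
list_files() {
    rpm -qa --queryformat \
        '[%{=NAME}\t%{FILEMODES:perms}\t%{FILENAMES}\t%{FILELINKTOS}\n]'
}

# Read records on stdin, print "package<TAB>reason<TAB>path" for every hit.
flag_files() {
    awk -F '\t' '
        { pkg = $1; mode = $2; path = $3; target = $4 }
        # Regular files only: setgid on a directory only affects group inheritance.
        mode ~ /^-..[sS]/    { print pkg "\tsetuid\t" path }
        mode ~ /^-.....[sS]/ { print pkg "\tsetgid\t" path }
        # polkit action definitions (polkit-1 and the older PolicyKit layout).
        path ~ /^\/usr\/share\/(polkit-1\/actions|PolicyKit\/policy)\/.*\.policy$/ {
            print pkg "\tpolkit\t" path
        }
        # usermode: a symlink to consolehelper, or its console.apps config file.
        (mode ~ /^l/ && target ~ /(^|\/)consolehelper$/) ||
        path ~ /^\/etc\/security\/console\.apps\// {
            print pkg "\tconsolehelper\t" path
        }
    ' | LC_ALL=C sort -u
}

# Constructed sample records (hypothetical packages) for running without rpm.
sample_records() {
    printf 'demo-suid\t-rwsr-xr-x\t/usr/bin/demo-su\t\n'
    printf 'demo-suid\t-rwxr-xr-x\t/usr/bin/demo-plain\t\n'
    printf 'demo-sgid\t-rwxr-sr-x\t/usr/bin/demo-write\t\n'
    printf 'demo-polkit\t-rw-r--r--\t/usr/share/polkit-1/actions/org.example.demo.policy\t\n'
    printf 'demo-helper\tlrwxrwxrwx\t/usr/bin/demo-config\tconsolehelper\n'
    printf 'demo-helper\t-rw-r--r--\t/etc/security/console.apps/demo-config\t\n'
    printf 'demo-dir\tdrwxrwsr-x\t/var/lib/demo\t\n'
}

# "--scan" audits the installed system; "--demo" runs on the sample records.
if [ "${1:-}" = "--scan" ]; then list_files | flag_files; fi
if [ "${1:-}" = "--demo" ]; then sample_records | flag_files; fi
```

Piping the output through `cut -f1 | sort -u` gives the list of packages to queue for manual review.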