Re: Final (hopefully) privilege escalation policy draft

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2010-02-10 at 12:48 -0800, Adam Williamson wrote:
> I have now adjusted the draft -
> https://fedoraproject.org/wiki/User:Adamwill/Draft_Fedora_privilege_escalation_policy - to reflect all feedback from this list and from FESco. It will be reviewed again by FESco next week. Please raise any potential issues or further suggestions for adjustments before then. Of course, even if the policy is accepted by FESCo it will not be set in stone and changes and exceptions can be added in future as appropriate, but I'd like to have it as good as possible at first :) thanks all!

==>
In practice, packages which provide one or more of:

      * setuid binaries
      * PolicyKit policies
      * consolehelper configurations
      * udev rules

are likely to be affected by this policy
<==

Shouldn't

  * D-Bus services on the system bus

be listed there, to make sure that /etc/dbus-1/system.d/*.conf files are
sane?  It's just that it is quite a commonly used mechanism.

This was brought up in discussion of one of the first drafts, IIRC, so
perhaps it is intentionally omitted..?

Tim.
*/

Attachment: signature.asc
Description: This is a digitally signed message part

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test

[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux