Michael_E_Brown(a)Dell.com wrote:
After looking closely at the mock-helper source, I have identified
several problematic areas, listed below. I do not believe, given the
current state of mock-helper, that we should endorse the idea of
allowing untrusted users access to the 'mock' group. We should very
prominently label mock as giving, essentially, root access to each user
you allow to run it. I believe the wiki, the help text of "mock -h", the
mock README, and the mock man page should all be updated with this
information.
I think this makes sense to do as the short-term "so we can get mock 0.6
out" as there are a lot of cool and important stuff that people are
clamoring for.
Then, post 0.6, focusing a bit on fixing the areas of security concern
would seem to make sense.
Jeremy