On Tue, Nov 13, 2012 at 10:26:28AM -0500, Steve Grubb wrote:
With name = value, the vulnerability would likely be in the compiled
code
and the compliance check would pass. In this case the settings are
verifiably correct because the config file is not changed and part of the
compliance check usually involves running the OVAL content the Red Hat
security response team generates which checks the rpm version.
This discussion seems significantly beyond "remove polkit from core". I had
seen the announcement about Javascript in Polkit and kinda shrugged -- not
my ideal as a sysadmin, but, I thought, whatever.
The concerns you raise go beyond the preferences of sysadmins (who, I think
as a rule prefer key-value config files to complex ones). Of course, Fedora
isn't (at least, not right now) targetted at the high-security situations
you describe, but our major downstream consumer sure is. What (if anything)
should Fedora do here? What are our options?
--
Matthew Miller ☁☁☁ Fedora Cloud Architect ☁☁☁ <mattdm(a)fedoraproject.org>