Fedora Feature Proposal: Yum Integration

Horst H. von Brand vonbrand at inf.utfsm.cl
Fri Jul 20 16:09:30 UTC 2007


Matthew Miller <mattdm at mattdm.org> wrote:

> On Fri, Jul 20, 2007 at 10:54:16AM -0400, Horst H. von Brand wrote:
> > > > Nope. If it has to be installed/configured/managed by root, it is system
> > > > software, regardless of it being the kernel or a game. The stuff in
> > > > $HOME is yours to mess around with.
> > > You mean "by root", or "by a process with root privileges"? Because that's a
> > > whole different question.
> > No, it isn't. Not really.
> 
> Sure it is, because the latter can be controlled by policy.

You lost me there.

> > > "Foo kind of packages" from an approved repository of
> > > cryptographically-signed rpms.
> > Checked by whom for sanity? Who decides which ones can be installed and

> Fedora.

Again, how do you enforce "games are out", "no graphical applications on
this server", "nothing that allows people to chat"? It isn't exactly
Fedora policy (and if it was, what makes you think it will stay
forever?).

[...]

> > Besides, you very well can set up a sudo(1) entry that allows Jane
> > R. User to run *only* yum with designated repositories. I just fail to
> 
> If you're limiting to installation, sure. But more fine-grained control than
> repository level might be desirable.

If you need a flexible policy, have a human do it. Not everything can be
automated (or if it can, is worth the trouble).

> > see why such (local policy) has to be integrated into the system, when
> > it is not universally required (or even wanted). Remember: Unix
> > philosophy is having tools that do one thing, and do it well. Leave the
> > infinite combinations in the capable hands of the user.

> This is a good argument *for* the idea.

I don't see how. You *can* do it today, with a bit of work on /your/
side if you need it. No need to load down my machine (where that is most
unwelcome) with it.

> > Managing a computer isn't trivial, if the users don't know how to do it
> > right, better keep their hands in the pockets. Random stuff installed by
> > (well-meaning) users or random passers-by caused immense grief here with
> > Windows, until we just gave the users restricted accounts.

> Users can currently install whatever random stuff they want in their home
> directories. They can build their own local versions of network clients and
> then fail to upgrade them to fix security flaws. Much better to allow them
> to install selected programs from the official Fedora repository.

And said security flaws will only affect them, not the whole system;
while security flaws in willy-nilly installed stuff affect everybody
(yes, even Fedora-blessed software has had its share of security
problems). 

One of the basic guidelines when securing a system is to keep it as
simple as possible, i.e., install only what is required, and keep a
strict control over what is happening.  Anything else ends with the
sysadmin in a padded cell.
-- 
Dr. Horst H. von Brand                   User #22616 counter.li.org
Departamento de Informatica                    Fono: +56 32 2654431
Universidad Tecnica Federico Santa Maria             +56 32 2654239
Casilla 110-V, Valparaiso, Chile               Fax:  +56 32 2797513
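
The sudo(1) arrangement discussed in this message, sketched as an added example that is not part of the original post: a wrapper that pins the repositories and checks each requested package against a local allowlist, which also gives the finer-than-repository control raised in the reply. The wrapper path, the allowlist path, the repository ids and the user name are assumptions.

```shell
#!/bin/sh
# Added example. Intended as the only command a sudoers entry permits, e.g.
#   jane ALL=(root) /usr/local/sbin/yum-restricted      (hypothetical path)
# A sudoers wildcard such as "yum install *" also matches option-looking
# arguments, so the yum command line is fixed here instead.
LC_ALL=C; export LC_ALL
ALLOWFILE=/etc/yum-restricted.allow   # hypothetical: one package name per line

# Succeed only for a plain package name listed in the allowlist file ($2).
pkg_permitted() {
    case $1 in
        ''|-*|*[!A-Za-z0-9._+-]*) return 1 ;;   # no options, paths, URLs, globs
    esac
    grep -Fxq -- "$1" "$2"                      # exact, whole-line match
}

# check_request ALLOWFILE PKG...  succeeds only if every package is permitted.
check_request() {
    allowfile=$1; shift
    [ "$#" -gt 0 ] || { echo "usage: yum-restricted PKG..." >&2; return 1; }
    for pkg in "$@"; do
        pkg_permitted "$pkg" "$allowfile" || {
            echo "refused: $pkg" >&2
            return 1
        }
    done
}

main() {
    check_request "$ALLOWFILE" "$@" || exit 1
    # Repositories are fixed by the wrapper, never taken from the caller.
    exec /usr/bin/yum --disablerepo='*' --enablerepo=fedora \
        --enablerepo=updates install "$@"
}

# Run yum only when installed under the wrapper's own name.
if [ "${0##*/}" = "yum-restricted" ]; then
    main "$@"
fi
```

The allowlist file and the wrapper must be writable by root only, since anyone who can edit either controls what gets installed.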



