Local users get to play root?
Jon Ciesla
limb at jcomserv.net
Wed Nov 18 18:15:13 UTC 2009
Seth Vidal wrote:
>
>
> On Wed, 18 Nov 2009, nodata wrote:
>
>>>>> -sv
>>>>>
>>>> I do if it's in the default DVD install, or was pulled in in an
>>>> upgrade. I've never intentionally installed it, and yes I do. Never
>>>> imagined it would be a problem. I'll remove it.
>>>>
>>>
>>> Maybe you and I have a different concept of 'Servers'. But I tend to
>>> install @core only and then remove items whenever I can for a server.
>>>
>>> If it is a bad day I'll install X b/c something requires it but for
>>> servers I try to avoid anything beside the barest minimal I can have.
>>>
>>> -sv
>>>
>>
>> Maybe you have a different concept of security, but I don't want any
>> user on the server installing software, no matter what.
>
> right - which is why I wouldn't install PK on a server.
>
> yum doesn't allow users to install pkgs, only root.
>
> -sv
>
I just found PackageKit on a server that's never been anything but. It
was installed fith FC-2, which IIRC is pre-PackageKit. Does this mean
it was pulled in by something else that no longer requires it?
--
in your fear, seek only peace
in your fear, seek only love
-d. bowie
More information about the devel
mailing list