Local users get to play root?

Konstantin Ryabitsev icon at fedoraproject.org
Wed Nov 18 19:03:49 UTC 2009


2009/11/18 Simo Sorce <ssorce at redhat.com>:
>> If I have physical access to your machine, I'll own it. I may have to
>> use tools to get to the HDD, but it's only a question of time and
>> dedication.
>
> *you* are not one of my users, and this has nothing to do with *you*
> hacking in my machine. If I have physical access to a machine I do not
> even care about what's installed on it. In 99% of the cases I will just
> be able to boot from a live cd. That's a completely different issue.

Well, then we're violently agreeing about the same thing.

Anyway. It doesn't look like this is a change in Fedora policy,
because it clearly caught everyone off-guard. Looks like the PK developer
made an executive decision and it's up to us to either issue an update
to revert to the previous behaviour, or to continue debating whether
allowing local console users to install trusted software from trusted
repositories is a sane security trade-off.

Regards,
-- 
McGill University IT Security
Konstantin Ryabitsev
Montréal, Québec



