Local users get to play root?

Konstantin Ryabitsev icon at fedoraproject.org
Wed Nov 18 20:08:08 UTC 2009


2009/11/18 Casey Dahlin <cdahlin at redhat.com>:
>> Because sudo doesn't use policykit? Because sudo gives you full root
>> access -- not just ability to install trusted software from trusted
>> repositories? Moreover, even sudo doesn't ask me again if I invoke it
>> within 5 minutes of using it (or however long it is).
>>
>> Regards,
>
> But why is it neccesary? That was more my point.
>
> The answer is: because being associated with a login on the local console doesn't verify that it is a /user/ in control.

Yes, this is security trade-off -- and with valid arguments. Does it
make sense to have this as a default configuration for a
desktop-oriented distribution? Quite possibly. Fedora installations in
managed environments have qualified sysadmins that can alter this
policy -- but a user who installs Fedora at home will probably welcome
not having to type in a root password when they want to install a gimp
plugin. If experience with Vista has shown us anything, is that people
absolutely hate when they have to make constant decisions about most
minute details of their system's operation. I installing trusted
software such "minute operation?" Perhaps.

I'm just trying to point out that this is very, very far from "OMG
LOCAL ROOT FOR EVERYONE" as implied in the original email.

Regards,
-- 
McGill University IT Security
Konstantin Ryabitsev
Montréal, Québec




More information about the devel mailing list