Local users get to play root?
Jeff Garzik
jgarzik at pobox.com
Thu Nov 19 21:22:45 UTC 2009
On 11/19/2009 03:59 PM, Peter Jones wrote:
> On 11/19/2009 03:37 PM, Jeff Garzik wrote:
>> On 11/19/2009 12:16 PM, Simon Andrews wrote:
>>> Bill Nottingham wrote:
>>>> Jeff Garzik (jgarzik at pobox.com) said:
>>>>> This sounds like a tacit admission that the default install for
>>>>> servers is bloody stupid (== same as desktop), unless the admin
>>>>> REMOVES packages we helpfully installed on the server system.
>>>>
>>>> PackageKit has only ever been included in destkop package groups.
>>>> While these groups are enabled by default, they are with the caveat of:
>>>>
>>>> "The default installation of Fedora includes a set of software
>>>> applicable for general internet usage."
>>>
>>> I've just been and checked on our servers, which were installed with
>>> minimal packages and never used for desktop activities and found two of
>>> them with PackageKit installed.
>>>
>>> Looking at the dependencies there is nothing on those machines which
>>> currently requires PackageKit so it could be cleanly removed, but
>>> something has pulled this in as a dependency in the past.
>>>
>>> Both of these machines have been through sequential upgrades from around
>>> FC3.
>>>
>>> Changing the behaviour of PackageKit would certainly affect me and I've
>>> never explicity installed it.
>>
>> Indeed. This issue is giving Fedora a major black eye in security.
>>
>> And this major security issue -- where admins upgrade into insecurity --
>> is just hand-waved away even though it applies to a lot of situations.
>
> Seriously, quit spreading this "it's hand-waved away" FUD. Elsewhere in
> the thread, notably without your participation, people have started
I'm in the thread; I guess that's another thing you are hand-waving away.
> discussing both guidelines for how polkit policy should work and also
> mentioned that they're going to bring this specific case up at the next
> FESCo meeting and try to deal with it.
>
> So seriously, quit pontificating about how your opinion is the truth,
> the way, and the light, and start reading what others are saying. It's
> not as you seem to think is is.
These are facts, not opinion:
* F11 with PK would prompt for a password
* F12 with PK does not
* Everyone upgrading to F12, with PK on their system, receives this
wonderful gift of lessened security.
* The user is not warned of this change, either via upgrade tool or
[gold] release notes.
* Judging by the reaction here and elsewhere, this change was NOT
expected by the Fedora userbase.
Every second that ticks by, more people upgrade into insecurity, with no
warning besides a slashdot thread. This is a secalert issue.
Jeff
More information about the devel
mailing list