Torvalds:requiring root password for mundane things is moronic

Chris Murphy lists at colorremedies.com
Sat Mar 3 22:10:31 UTC 2012



On Mar 3, 2012, at 1:00 PM, Neal Becker wrote:
>> 
> 
> Here's one part of the principle:
> 
> I. The ONLY reason for re-auth is to prevent trojans/web attacks.
> 
> This implies
> 
> -> Don't ask for re-auth for an action that isn't really potentially harmful 
> (e.g., adding a printer)

Depends. What if what's being added is a remote printer, that's merely a way to smuggle documents out of a company? So direct attach printers are probably fair game for adding without authentication. The user clearly has physical access to both computer and printer, the most applicable security control in this context is physical. But to add a non-local IPP printer is possibly a red flag.


Chris Murphy


More information about the devel mailing list