Control auto update from non authorized user Why justification
Leslie S Satenstein
lsatenstein at yahoo.com
Sat May 7 16:32:34 UTC 2011
There are times when it is OK to allow an automatic update. But there are also times when only the administrator account should be allowed to do it. I can control this by eliminating that entry from the non-authorized user menu, and still keep it for the authorized user (I decide who is authorized).
But one can, via terminal mode, go around the imposed security. The only true circumvention then is to change ownership or groups for the application.
Why not allow new file inserts due to a system update? Because I need to know before hand if that insert is going to break an already existing application. It has happened to me on CENTOS5.6 and it almost happened to me on F14 and F15.
On 7 May 2011 13:22, Leslie S Satenstein <lsatenstein at yahoo.com> wrote:
> I think that allowing dependency files may be a potential security breach.
Why?
Richard.
************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/test/attachments/20110507/9b33300c/attachment.html
More information about the test
mailing list