Re: [opensuse] Should openSUSE review it's Security Policies?
- From: Marcus Meissner <meissner@xxxxxxx>
- Date: Wed, 29 Feb 2012 22:23:31 +0100
On Wed, Feb 29, 2012 at 02:40:13PM -0500, Larry Stotler wrote:
As many are aware, Linus Torvalds has started a rant about the
security policies in openSUSE for things that require the root
password. From his Google+
post(https://plus.google.com/102150693225130002912/posts/1vyfmNCYpi5),
he names these:
Time Zone changes
Adding a Printer
Adding a wireless network.
Now, I don't usually see the wireless issue because KNetworkmanager in
KDE3(which I use) has never asked the root password for adding a new
network.
While at 37, I've never changed timezones(I lead a boring life) I
would have to agree that having to use the root password for this
would be annoying if I needed to change it because of a flight or
something.
I've worked with Linus on a hardware issue years ago, and I think we
should probably at least consider reviewing the policies if they do
need changed.
Hi,
Let me address in the points
- timezone changes he complains about
GNOME 3 uses just 1 root service for both timezone and actual UNIX time changes.
If it were split, we could allow timezone for users and only allow unix time for root.
(There are split DBUS services already, just GNOME 3 uses yet another new one.)
=> It is a GNOME issue really.
- adding a printer
As it is already:
* Adding a known USB printer : No popup, no query ... the printer will just start to work.
* Adding a Network printer: depending on the computers "networked
printer browsing" setup, will just work without interaction.
* Adding a new not yet known printer: Difficult.
If you even need a PPD file to set it up, or an external driver, allowing
this is the equivalent of giving out root access.
=> Setting up printers is a hard task, and root privilege escalation is usually easy when
you are allowed to do it.
(I would also like to see it done on Windows 7 without Admin Password.)
- NetworkManager
12.1 shipped with 0.9 NetworkManager which was very fresh off the press.
Before 0.9 all WLAN connections were "user" based connections and did not change
the system.
0.9 features now "system" and "user" based connections.
The default is "system" connections, it was not even possible to select the "user" option.
A "system" connection is too deep and should only be configurable by root in our eyes.
Sadly, the UI frontends did not offer the selection to select "user" profiles, so it
was necessary.
Ludwig did quite some work on making the default more sane and it works now at Linus
acceptance level I think.
=> NetworkManager and NM UI tools design issues make a secure and usable default hard.
For all of those exists bugzilla entries.
All of those need less help on the security side, but way more help on
the implementation and design side in the User Interfaces, especially NetworkManager.
Ciao, Marcus
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx
- References:
- [opensuse] Should openSUSE review it's Security Policies?
- From: Larry Stotler
- [opensuse] Should openSUSE review it's Security Policies?
- Prev by Date: Re: [opensuse] Resize BTRFS
- Next by Date: Re: [opensuse] Should openSUSE review it's Security Policies?
- Previous by thread: Re: [opensuse] Should openSUSE review it's Security Policies?
- Next by thread: [opensuse] Resize BTRFS
- Index(es):
Relevant Pages
|
