[Mageia-discuss] A possible risk ?
alien at rmail.be
Thu Feb 9 01:12:12 CET 2012
Op woensdag 08 februari 2012 23:46:46 schreef Renaud (Ron) Olgiati:
> On Wednesday 08 Feb 2012 19:11 my mailbox was graced by a message from
> andre999 who wrote:
> > So defaults being
> > 1) release upgrades requiring root password.
> > 2) package updates requiring user password.
> > 3) if current account requires not password, no update.
> > Wouldn't that satisfy security concerns ?
> No, it still leaves the user launching an update, hosing his system and
> being left with a dead system.
> I feel (strongly) that updates, like upgrades, should only be done by
> someone who can reinstall the system in case of problem ==> root.
i feel that this is a point to be determined by the sysadmin in question, and
i also find it unacceptable if we actually get to that point...
as far as _defaults_ go, for me that sounds exactly like what i came up with
below (more or less).
imho, you're free to change the setting for your installs...
also, iinm there are several security levels?
More information about the Mageia-discuss