Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges

eqisow writes "The new default policy for Fedora 12 allows local, unprivileged users to install signed packages without root access. This change apparently went mostly unnoticed until after the Fedora 12 GA release, at which point it sparked a mailing list thread that is, as of this writing, over 100 posts long."

Re:This makes sense

[fluch]

No, it does NOT make sense. It creates a new security risk: If some malicious software (runing under with normal user privileges) notices that a hackable software is missing on the computer (one which has a known security vulnerability to gain root access) it can now install this package without problem and gain root access later on.

A sudo approach like done in Ubuntu is much better.

Require Password Instructions

[BountyX]

Browsed through the list. Here are instructions to require a password for signed repo. I agree with many of the mailing list users, this is a very bad default and there seems to be an assumption of targeting the desktop, or single user environments...

Re:You laugh, but....

[Romancer]

They're in for a long battle.

Considering that the fix to this is already written out in one line of code in the same thread on the same day here:
https://www.redhat.com/archives/fedora-devel-list/2009-November/msg01055.html

And they have already admitted that the default security setting is not consistent with the philosophy they had built the Linux system on in the past. That's a pretty good turn around time for a mistake in the security area of an OS.