Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges

Posted by timothy on Wednesday November 18, 2009 @09:30AM from the try-it-you-might-like-it dept.

eqisow writes "The new default policy for Fedora 12 allows local, unprivileged users to install signed packages without root access. This change apparently went mostly unnoticed until after the Fedora 12 GA release, at which point it sparked a mailing list thread that is, as of this writing, over 100 posts long."

2 of 502 comments (clear)

Min score:

Reason:

Sort:

It's obvious by Hognoxious · 2009-11-18 09:35 · Score: 0, Troll

They're just trying to make it more like Windows.

--
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
Re:Denial of service attack? by Simon+(S2) · 2009-11-18 11:57 · Score: 1, Troll

Besides the obvious problems with this that I've already seen posted here...
Couldn't a user install everything from an approved repo and crash the machine by filling up all the disk space? Seems like an attack vector for denial of service attacks.
Sure. But since we are talking about local users that have physical access to the box anyway, why should they DoS it by installing packages? They could just throw it from the 11th floor.

--
I just don't trust anything that bleeds for five days and doesn't die.