PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

Epic fail from RedHat?

From: mike.mikemiller at gmail.com (Michael Miller)
Date: Thu, 19 Nov 2009 13:06:23 -0800
I think the idea is to provide the same type of control that you have
with Active Directory and GPO software polices.  Which are based on
HASH values or Certificates rolled out by GPO.  I don't think the
developers where looking at it from the same view point of system
administrators.  Who most likely are going to be in a corporate
environment. They want software (installs)  to be easy for people
switching over from Windows.

I say that based on what one of the mission statements ( with a lot of
paraphrasing on my part. ) from Fedora Project.  I think if you where
to role this out in a corporate environment this would work out really
well.  If one was to do it correctly and maintain their own software
repositories.  Which would decrease the number of help desk calls when
a user needed some software installed to do there job.

<Personal Opinion>
I have the view point that if have a based image ( Stripped down OS )
you reduce security issues because you don't have Acrobat or Flash
installed on 500 machines in your environment.  You only have Acrobat
or flash installed on the machines of the people who need to use that
software.  In a perfect world that would be 10 or 15 people.   Which
is a different line of thinking from most Microsoft shops where they
want every machine to be exactly the same to reduce software
conflicts.
</Personal Opinion>

Sorry for the rant.

mmiller

On Thu, Nov 19, 2009 at 1:57 AM, Xavier Garcia <xavi.garcia at gmail.com> wrote:

Hi guys,

First, sorry for my broken english.


This is from Dailydave. Have a look at this bug report from RedHat (Fedora12). Hilarious!

https://bugzilla.redhat.com/show_bug.cgi?id=534047

"Bug 534047 -  All users get to install software on a machine they do not have the root password to"

All these years working to have a standard and controlled environment. Now all this is bs and everybody
should be able to install whatever they want in a desktop environment because the packages are signed and are trusted 
(secure).


"PackageKit allows you to install signed content from signed repositories
without a password by default. It only asks you to authenticate if anything is
unsigned or the signatures are wrong. "

Fail!

Regards,

Xavier Garcia
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Previous By Date Next
Previous By Thread Next

Current thread: