Mailinglist Archive: opensuse-factory (883 mails)

[Claudio Freire <klaussfreire@xxxxxxxxx>]

On Tue, May 22, 2012 at 11:00 AM, Bryen M Yunashko <suserocks@xxxxxxxxx> wrote:
> > eg: I would like YaST2 never ask me root password to install software,
> > since it's my laptop and no one else can use it...but it'll surely be
> > banned in a security expert's eyes, and I don't know how to adjust it
> > for myself
> I agree that some basic functionalities shouldn't require passwords.
> Obvious are adding wifi networks or printer connections.   However, I
> still greatly appreciate requiring a password even on my own machine for
> software installations.  If anything, it becomes a gentle reminder to me
> that I must exercise my abilities with caution.

But that's the point: "require passwords" doesn't mean "require root password".

As sudo asks *your* password, those tools that handle wifi, printers
and such should also ask the user's password, and check whether the
user has permission to administer wifi, printers, and such.

We have sudo. Can't sudo be used for this? I imagine not because it's
a dbus issue. But then, dbus should be extended to support sudo-like
handling of permissions.

Also, installing software from configured repos is not the same,
security-wise, to installing software from source or from untrusted
repos.
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx