Mailinglist Archive: opensuse (1036 mails)

< Previous Next >
Re: [opensuse] Re: Should openSUSE review it's Security Policies?
On 02/29/2012 07:12 PM, Carlos E. R. wrote:
On 2012-03-01 04:03, John Andersen wrote:
On 2/29/2012 6:49 PM, Carlos E. R. wrote:

A mess to set up too. The current YAST configuration utility
seems overly obtuse in an attempt to be capable of doing
everything. A simpler check box list of tasks would be easier to
set up.

But that is complex to create. What tool do we have that allows
that usage? I don't know, perhaps it is policy kit.

Well, there are a few things that a user would commonly need to do.
Some of these are already mentioned on this thread,
apply security updates
certain connections to Windows networks
maybe some mounting issues for odd things, phones, etc
Run full Yast...
maybe 4 or 5 things I haven't thought of...

So you have a few things like this on a Yast page Named
Common SUDO tasks, and you select the user, then check the items
that user should get to use.

Typically you'd give a young kid the ability to only
to hook up to wifi,
Maybe add a printer

Then as they get older you allow them to
apply updates
Maybe run yast.

So instead of being something so open ended as the current Yast SUDO
setup, it would be much simpler. You could add tasks to the list using
/etc/sysconfig if needed.

The use case I see for this is more likely aimed at the corporate
laptop, where you don't really want to bug the IT department every
time there is a security patch to apply.

Explain again the part about rm -rf /
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
This Thread