Mailinglist Archive: opensuse (1165 mails)

< Previous Next >
Re: [opensuse] Re: Should openSUSE review it's Security Policies?
On Thu, Mar 01, 2012 at 02:53:26PM +0100, Johannes Meixner wrote:

On Mar 1 12:18 Roger Oberholtzer wrote (excerpt):
... the root problem (pun intended) remains. What is
needed is a general approach to these permissions.

If the use case is "printer setup on my own machine",
I think - but I am not at all a security expert - it should
be an acceptable solution when the normal user's password
and the root password are the same so that from the user's
point of view there is just one password i.e. THE password.

Then configuration changes could still require THE password
which is - from my point of view - sufficiently easy to use
and sufficiently secure because:

- The owner of the machine can do any configuration changes,
he only must provide THE password.

Even with a single user you might not like to share the root password.

- The owner of the machine cannot do configuration changes
by accident because he must provide THE password.

And exactly this password is intendend even not to be shared. You
addressed an issue which was not discussed. ;)

- Arbitrary persons who get access to the machine cannot
do configuration changes (i.e. arbitrary persons cannot
hijack the machine when it is running unattended).

As far as I noticed what other wrote in this thread, this could
be even already the default when installing an openSUSE system.

If yes I wonder what the whole discussion is about?

Does anybody really want that arbitrary persons are allowed
by default to do configuration changes?

The discussiion is not about arbitrary people. It's about existing
users which must not have root access.

More and more I believe printing with Linux is a great attempt to save
our woods. ;)

I assume nobody wants this.

Therefore I assume what is wanted is that not only one person
is allowed by default to do configuration changes but that
it is possible to allow particular other users (e.g. the
owner of the machine and his best friend) to do particular
configuration changes.

As far as I know this is currently not possible.

If this is wanted, a FATE feature request should help...


Oh the feature pat cemetry. That's such a good place to get people shut
up. ;) I'm quite sure if it got filed there we'll see it addressed in
2020. Maybe.

Wouldn't it be much easier to allow all local users to modify the cups
configuration if the administrator prefers this?

Wouldn't be adding the group named users, where all local users are a
member of, by default to the SystemGroup enough?

cupsd runs as root. Therefore the suggested approach might scare the
security team. But this might get the issue solved and we might add a
warning and it might open the door less than giving the root password to
the user.

Again, we should not set this by default. But on request by the adim
from inside the YaST install/ printer setup dialog.

Lars Müller [ˈlaː(r)z ˈmʏlɐ]
Samba Team
SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
< Previous Next >
This Thread
Follow Ups