Feature changed by: Matthias Eckermann (mge1512)
Feature #307745, revision 12
Title: Let the admin ("root") download and install untrusted third-party RPMs from known URLs guided via YaST

openSUSE-11.3: New
  Priority
  Requester: Neutral

openSUSE Distribution: Unconfirmed
  Priority
  Requester: Neutral

Requested by: Johannes Meixner (jsmeix)
Partner organization: openSUSE.org

Description:
I would like to have it evaluated whether or not it is allowed to implement a dialog in YaST which lets the system admin (i.e. "root") download and install untrusted third-party RPMs from known URLs.

In any case "root" can download and install any software manually. This request is about to provide a guided and restricted way for some particular cases.

My current use-case are the printer driver packages which are available via OpenPrinting at the Linux Foundation:
http://www.openprinting.org/driver_list.cgi
where LSB compliant driver RPM packages are available.

From my point of view those packages are on the one hand untrusted third-party RPMs but on the other hand their download location is "well known" which makes those packages "well known third-party packages".

I assume that from a strict security point of view any kind of third party software is "strictly forbidden" but I like to propose a more useful way here:

The system admin (i.e. "root") can in any case download and install whatever software he likes. This may invalidate e.g. whatever support contract but it is up to the admin to know what he does.

Currently we have no idea at all which third-party printer drivers an admin may download and install on his own. When he has a printer for which there is no driver provided by us, the admin may download whatever driver software from any totally unknown location and install it with any unknown consequences. (E.g. some time ago there was a printer driver from a printer manufacturer where its installation script set setuid root bits on various user application programs to make it "just work".)

Currently we even do not tell the admin about the well known printer driver locations at OpenPrinting.

From my point of view it would be a big improvement when I could implement a dialog in the YaST printer module which shows a very explicit text that this is about untrusted unsupported third-party software. This text would require explicit confirmation by the admin. Then it downloads RPMs only from hardcoded URLs from OpenPrinting and inspects the downloaded RPM whether it overwrites already installed files on the system and if not, it installs it without running any RPM scripts because normal printer drivers do not need to run RPM scripts during installation. If the above conditions are not fulfilled it shows a very explicit warning text and does not install anything.

In contrast to now where we leave the admin totally on its own how to get a driver for a printer for which we do not provide a driver, the above described guided and restricted way to download and install drivers via YaST would help both the admin and us because in many cases we could make sure this way that we know at least which third-party driver the admin has installed.

Please do not confuse this request with the different request how a third-party (e.g. OpenPrinting or a printer manufacturer) could provide software packages in a way which is in full compliance to our package installation and management tools (i.e. via a repository which provides also updates and so on). This request is meant for third-party RPMs "as is" where the vendor/provider simply does not want (because of whatever reason which is beyond our control) to provide his RPMs in compliance to our package installation and management tools.

Discussion:
#1: Johannes Meixner (jsmeix) (2013-10-24 09:33:17)
FYI what other distributions currently do you may have a look at what Till Kamppeter wrote about a "Printer Driver Auto Download Service at OpenPrinting":
https://blueprints.launchpad.net/ubuntu/+spec/desktop-karmic-printer-driver-...

#2: Johannes Meixner (jsmeix) (2013-10-24 09:35:11) (reply to #1)
The full specification:
https://wiki.ubuntu.com/PrinterDriverAutoDownloadService

+ #3: Matthias Eckermann (mge1512) (2013-10-24 10:06:30) (reply to #2)
+ Openening a machine for software downloads (a PPD is also to be
+ considered software) from arbitrary sources in arbitrary (file) formats
+ is a security nightmare.
+ In my view, the Open BuildService provides openSUSE with an
+ infrastructure, where the demand for quick availability is combined
+ with the capabilities for peer review and availabililty in a (per
+ distribution (RPM, DEB, ...)) standard format.

--
openSUSE Feature:
https://features.opensuse.org/307745
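
The checks listed in the feature description (hardcoded download location, no overwriting of installed files, installation without RPM scripts), written out as a shell sketch. This is an added example, not code from YaST or from anyone in this thread. The function names are hypothetical, and accepting every https path below www.openprinting.org is an assumption.

```sh
#!/bin/sh
# Added example: guided install of a third-party driver RPM.
# Assumption: only https URLs below this host that end in .rpm are accepted.
ALLOWED_PREFIX="https://www.openprinting.org/"

# url_allowed URL -> status 0 only for URLs below the hardcoded prefix.
url_allowed() {
    case "$1" in
        *..*) return 1 ;;                       # no path traversal segments
        "$ALLOWED_PREFIX"*.rpm) return 0 ;;
        *) return 1 ;;
    esac
}

# existing_paths: reads one path per line on stdin and prints those that
# already exist on this system. Real directories are skipped because many
# packages legitimately share them.
existing_paths() {
    while IFS= read -r p; do
        [ -n "$p" ] || continue
        if [ -d "$p" ] && [ ! -L "$p" ]; then continue; fi
        if [ -e "$p" ] || [ -L "$p" ]; then printf '%s\n' "$p"; fi
    done
}

# guided_install URL: full flow. Needs curl and rpm and must run as root.
# Returns 2 for a refused URL, 3 for a file clash, otherwise rpm's status.
guided_install() {
    url=$1
    url_allowed "$url" || { echo "refused: URL not on hardcoded list" >&2; return 2; }
    tmp=$(mktemp -d) || return 1
    pkg="$tmp/driver.rpm"
    # No -L: a redirect away from the allowed host is not followed.
    curl --fail --silent --show-error --proto '=https' -o "$pkg" "$url" \
        || { rm -rf "$tmp"; return 1; }
    # List the payload without installing anything.
    rpm -qpl "$pkg" > "$tmp/files" || { rm -rf "$tmp"; return 1; }
    clashes=$(existing_paths < "$tmp/files")
    if [ -n "$clashes" ]; then
        printf 'refused: package would overwrite:\n%s\n' "$clashes" >&2
        rm -rf "$tmp"; return 3
    fi
    # Install the files only; scriptlets and triggers are not executed.
    rpm -i --noscripts --notriggers "$pkg"; rc=$?
    rm -rf "$tmp"; return $rc
}
```

The explicit confirmation dialog from the description is left out here; guided_install would only be called after the admin has confirmed.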