From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <mike@fly.osdn.org.ua>
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on sa.int.altlinux.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.8 required=5.0 tests=AWL,BAYES_00 autolearn=ham
	version=3.2.5
Date: Mon, 14 Dec 2009 00:49:25 +0200
From: Michael Shigorin <mike@osdn.org.ua>
To: devel@lists.altlinux.org
Message-ID: <20091213224925.GS13584@osdn.org.ua>
Mail-Followup-To: devel@lists.altlinux.org
References: <20091213223508.GK24097@osdn.org.ua>
	<m3zl5mo5o3.fsf@host-242.school-233.altlinux.ru>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <m3zl5mo5o3.fsf@host-242.school-233.altlinux.ru>
User-Agent: Mutt/1.4.2.1i
Subject: Re: [devel] [JT] *Kit
X-BeenThere: devel@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ALT Linux Team development discussions <devel@lists.altlinux.org>
List-Id: ALT Linux Team development discussions <devel.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/devel>,
	<mailto:devel-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/devel>
List-Post: <mailto:devel@lists.altlinux.org>
List-Help: <mailto:devel-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
	<mailto:devel-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Dec 2009 22:49:42 -0000
Archived-At: <http://lore.altlinux.org/devel/20091213224925.GS13584@osdn.org.ua/>
List-Archive: <http://lore.altlinux.org/devel/>
List-Post: <mailto:devel@altlinux.org>

On Mon, Dec 14, 2009 at 01:44:28AM +0300, Vitaly Kuznetsov wrote:
> > In short, the problem was that in the Fedora 12 default
> > installation, regular users sitting at the console could install
> > signed packages from any repository that the administrator has
> > enabled. [...]
> Fedora is a "bleeding edge" and thus this is normal.

---
The Fedora project has likely learned quite a bit from this
particular controversy, and it seems to be taking the right steps
to avoid a repeat in the future. For a distribution that went
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
through a great deal of pain to integrate SELinux features in
order to increase the security of the system, it is mind-boggling
to many that this non-root install feature was added as the
default. There were multiple missteps--making it the default, not
highlighting it in the release notes, not testing it in Rawhide,
and so on--but those can all be corrected. Hopefully, the outcry
and publicity will ensure that the word gets out, so that Fedora
users will understand the issue and can make the appropriate
changes for their systems.

In the meantime, though, other projects--distributions or
software packages--would be well-served by studying this episode.
Security is hard, and requires great diligence. It is likely that
other projects could have hit this same kind of problem, but,
hopefully, with this incident as a guide, will avoid doing so
in the future.
---

-- 
 ---- WBR, Michael Shigorin <mike@altlinux.ru>
  ------ Linux.Kiev http://www.linux.kiev.ua/