On Tue, Jul 1, 2008 at 11:36 AM, Michael Stone <[EMAIL PROTECTED]> wrote:
>  http://dev.laptop.org/git?p=security;a=blob;f=rainbow.txt;hb=HEAD#l101
>
> In my opinion, the cheapest way to implement P_SF_CORE + P_SF_RUN is by
> turning the root password into a developer key, then by applying a CoW
> layer such as we recently discussed.

Right, we'll revisit this when all that is in place.  In particular,
that means locking down sudo (and things which use it, like
sugar-control-panel) far more than we do currently.

>> The loosey-goosey "but this is highly likely to break when you upgrade
>> between major releases" objection, for instance, is answered by the
>> foot-shooting permission.
>
> It's also answered by the fact that RPM checks dependencies, no?

Only if you assume that (a) nothing in the RPM set is going to be
considered 'critical', and (b) all RPMs are well-behaved.  I don't
think we can enforce either.
 --scott

-- 
 ( http://cscott.net/ )
_______________________________________________
Devel mailing list
Devel@lists.laptop.org
http://lists.laptop.org/listinfo/devel
