Re: PackageKit policy: background and plans

By Krzysztof Halasa at 11/23/2009 - 10:37

Kevin Kofler <kevin. ... at chello dot at> writes:

This is good.

Also we should remember that a user entering the root password in the user's
session makes the user account practically equivalent to root (it can be
seen as a protection against incidental damage, but not against a real
attack). The only secure way has to use a fully trusted path from the
person to the root process - e.g. logging in as root (or root-equivalent)
initially, with a physically secured console (some sysrq-k or
ctrl-alt-del combo which cannot be remapped or blocked by non-root etc).

E.g. using su or in most cases sudo etc. makes the non-root account
equivalent to root. This can be, of course, deemed secure as long as we
accept and understand this equivalency.