On Fri, 2010-02-05 at 16:52 -0800, Adam Williamson wrote:
> As I said, I don't understand much about them. i.e., I don't know what
> they're used for. i.e., flippant answers aren't terribly helpful. =) I
> am terribly sorry for only having shown up within the last decade or so,
> I fully appreciat
On Fri, 2010-02-05 at 15:21 -0500, Adam Jackson wrote:
> > I don't understand much about utmp and wtmp, but if appropriate they
> > could be specifically excepted from the policy. Ditto the ConsoleKit
> > history. What's the rationale for these being world-readable?
>
> Unix used to be a multiuse
On Thu, 2010-02-04 at 15:39 -0800, Adam Williamson wrote:
> On Thu, 2010-02-04 at 15:14 -0500, Adam Jackson wrote:
> > - Declaring "Read from system logs containing any information about user
> > activities" to be a privileged action, means that who(1) and last(1)
> > break, since utmp and wtmp are
Adam Jackson wrote:
> - "Read or write directly to or from system memory" is, technically,
> something every process does. "Device or kernel memory" might be closer
> to the spirit of the law?
That wouldn't cover other users' processes. How about "memory that is not
allocated to the users' own p
On Thu, 2010-02-04 at 15:14 -0500, Adam Jackson wrote:
> Some nitpicking:
>
> - "Read or write directly to or from system memory" is, technically,
> something every process does. "Device or kernel memory" might be closer
> to the spirit of the law?
Yeah, that's one people have said is somewhat
On Mon, 2010-02-01 at 15:47 -0800, Adam Williamson wrote:
> Hi again, folks. Here is another draft of the privilege escalation
> policy. This is the sixth draft (second to this list). Changes: one of
> Kevin Kofler's queries alerted me to the fact that somehow all the
> changes between draft 1 and
On Tue, 2010-02-02 at 11:33 +0100, Tomas Mraz wrote:
> > again, comments are welcome! This is probably going to FESco next week,
> > not tomorrow, apparently they have a heavy schedule tomorrow.
> >
> > https://fedoraproject.org/wiki/User:Adamwill/Draft_Fedora_privilege_escalation_policy
>
> Wha
On Mon, 2010-02-01 at 15:47 -0800, Adam Williamson wrote:
> Hi again, folks. Here is another draft of the privilege escalation
> policy. This is the sixth draft (second to this list). Changes: one of
> Kevin Kofler's queries alerted me to the fact that somehow all the
> changes between draft 1 and
