> So really sudo is just a formality. It is a layer of security, > preventing malware from infecting the system. But the default F12 > policy to allow yum installs of signed packages is a good one. I'd > disable it, for example, in the CS dept, and certainly in an enterprise > environment. But then again I wouldn't run Fedora on enterprise > desktops (or Ubuntu for that matter, except the LTS editions).
A little sidenote. If you are disabling the signed packages in your enterprise, you are doing it wrong. Build RPMS with a signed gpg key is just a matter of --sign and that's all. If you are doing untrusted packages, it can be very risky even if you are doing it within your own environment without any outside influences. Clint -------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info (unsubscribe here): http://uug.byu.edu/mailman/listinfo/uug-list
