Fedora firestorm and thoughts

Thu Nov 19 13:21:54 MST 2009

Well, if we have no vision, we'd be blind.  Though in this case, it seems
like they're being blinded by vision...

Anyway.  So what I see here is that they want users to install packages.
Maybe some kind of userland package system would work out.  This snafu
reminds me of committee-think.

On Thu, Nov 19, 2009 at 12:32 PM, Ed <plug at 0x1b.com> wrote:

> On Thu, Nov 19, 2009 at 12:00 PM, Dazed_75 <lthielster at gmail.com> wrote:
> > There seems to be a firestorm going on with regard to a change in the
> newly
> > released Fedora 12.
> >
> >
> http://linux.slashdot.org/story/09/11/18/2039229/Fedora-12-Lets-Users-Install-Signed-Packages-Sans-Root-Privileges?art_pos=1
> > https://bugzilla.redhat.com/show_bug.cgi?id=534047
> >
> > How much this has blown up from being "slashdotted" is not an issue IMHO.
> > And I agree that it was a horrible decision to make that change be the
> > default.  I do hope they revert it.  My belief is that if they wanted
> such a
> > change it is important enough they should have retained the old behavior
> and
> > made an option to implement the new only by someone having root
> privileges
> > and proving it.
> >
> > But the real reason for this post is that I have noticed what might be a
> > trend in recent releases.  It feels like a trend to me and I find that
> > bothersome.  The trend I am talking about is for new releases to change
> > defaults and content in ways that so many reviews and tips are focussed
> on
> > how to revert the "improvements" to the prior art.
> >
> > For example, there are many positive reviews for Karmic Koala (ubuntu
> 9.10)
> > along with the usual problem reports.  But it seems that many of the
> problem
> > solutions and tips being published are how to "fix" Karmic back to the
> way
> > ubuntu used to work.  Now this thing with Fedora 12.  I get concerned
> when
> > it seems like we risk our advantages of better security and stability.
> I'm
> > all for ease of use and innovation but I wonder if some changes are going
> > too far and too fast.
> >
> > I have also noted that many changes are made to make things easier for
> new
> > users (a good thing) but along the Microsoft model of assuming users must
> be
> > stupid ... errr .... don't need/want to know.  Is that bothering anyone
> > else?
> >
> > --
> > Dazed_75 a.k.a. Larry
> >
> > The spirit of resistance to government is so valuable on certain
> occasions,
> > that I wish it always to be kept alive.
> >  - Thomas Jefferson
> >
>
> Fedora has apparently gone for the "Drop Trow" level of security  -
> the fix everyone is going to need is here:
>
>
> http://skvidal.wordpress.com/2009/11/18/polkit-and-package-kit-and-changing-settings/
>
> the bug is here:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=534047
>
> the quote:
>
> "you are now vulnerable to local root exploits not only in packages you
> installed, but also in packages you chose not to install."
>
> there does seam to be an effort to "dumb down" or "Up the Stupid" in
> many FOSS projects/distros. Is it just me, or do these problems crop
> up right after the developers try for a "long term vision"? should
> open source avoid the "vision thing"?
>
> Ed - when the path becomes a road, fork it. ;)
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

-- 
James McPhee
jmcphe at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20091119/ce87352a/attachment.htm 