Am 25.02.2015 um 21:38 schrieb Zdenek Kabelac:
Dne 25.2.2015 v 18:44 Reindl Harald napsal(a):
>
> Am 25.02.2015 um 18:37 schrieb Paul Wouters:
>> On Wed, 25 Feb 2015, Lennart Poettering wrote:
>>
>>> Hmm? Syncing is allowed to my knowledge. C-a-d and gdm allow a clean
>>> reboot/poweroff. But sysrq does an abnormal reboot/poweroff, which we
>>> cannot allow. Similar, remounting read-only is also security senstive,
>>> which we cannot allow.
>>>
>>> Without being logged in there's very little you can do on a host right
>>> now, and sysrq should not open up more there by default.
>>
>> You must have forgotten your university days....
>>
>> The alternative to not being able to sync-umount-boot using sysrq is to
>> flip the switch. I'd rather have them use sysrq.
>>
>> I said it when they closed X ctrl-alt-backspace and I'll say it now.
>> When you are on console with the power plug, preventing these actions
>> is stupid
>
> when you are on a machine where you have pysical only keyboard and
> mouse it is
> not - not every PC stands in front of your face - think about kiosk
> mode and
> so on...
When I read such answers - I always wonder myself - how many kiosk ever
run Fedora...
It's such a bad idea to optimize Fedora for one-in-milion users and
those 999.999 has to suffer instead of require 1 guy to configure more
secure version
you can be sure that the need for sysrq is the one-in-milion users just
because i am a *heavy user* with a lot of setups and used it 4 times in
the past 12 years while restricted it to "kernel.sysrq = 20" long before
the systemd change
it's such a bad idea to *not* optimize out-of-the box for security
the ones which don't care can disable it, most won't care, nor have a
need nor do they even know about a lot of things - this users are also
not in the position to fix bad security defaults because they have no
idea about it