Ticket #629 (closed defect: postponed)
root account allowed and used
|Reported by:||Ivan||Owned by:||ainulindale|
|Keywords:||root, privilege separation||Cc:|
Practice of running software under root level privileges long time considered most idiotic on all modern distributions.
In order for SHR to be secure we have to disable root account for remote access and use sudo for system-wide command running by root.
All the software (including phone stack) needs to be assesed and run with as low priviledge as possible (CAPABILITIES might be helpful here).
Also we should utilize PolicyKit? in order to make priviledge escalation as transparent to end user as possible.