[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Security policy oversight needed?



On 11/19/2009 04:45 PM, Richard Hughes wrote:
> So obviously we need some middle ground. I guess if the spins
> "personalise" the package set then they should also personalize the
> security defaults. e.g. a server spin would not include PackageKit at
> all, and default to not letting users change the time. A desktop spin
> would allow the desktop user to do most things without a administrator
> password. The tricky part is deciding a default policy that is
> suitable for all the people using Fedora, which honestly, I think is
> impossible.

Right. The alternative really is defining the roles and the target
audience clearly for distinct set of policies and allowing the user to
trivially select it during or post-installation.

So if I pick "personal desktop", the change you made makes sense. If on
the other hand, I choose "workstation" profile, I would obviously need a
more locked down profile.

Rahul


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]