[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Security testing: need for a security policy, and a security-critical package process



> >I don't want to ship a desktop that doesn't let the user do useful
> >things.
> 
> And you can ship a desktop SPIN that way. But the base pkgs should
> not install with an insecure set of choices.
> 
> if you want the spin to have a post-scriptlet which allows more
> things, then that's the choice of the desktop sig over the desktop
> spin.

Given how .pkla works, this is likely to be done with packages, not
with %post hackery. (Which should make it much easier to reliably
test, as well.)

Bill


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]