Re: question about audit _by default_ in Fedora cloud images

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



2014-06-17 15:04 GMT+02:00 Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx>:
I was looking at https://fedorahosted.org/fesco/ticket/1311, and it occured
to me that we don't ship the selinux troubleshooting tools by default in the
minimal cloud image (add 'em if you need them). We do leave _audit_ there.

What do people think about removing it? (As noted in the ticket, it's mostly
useful with configuration, not in the default state.)

Note that having the userspace audit package installed and having audit syscall auditing enabled are not the same thing; in fact the proposed way to disable syscall auditing requires the audit package.

I don’t have a very strong opinion on either one from a “security” point of view.

Beyond that, generally I’m not too enthusiastic about having the various products too different in configuration defaults in ways that are not obviously expected for the product in question (i.e., a “purposefully minimal” image removing packages from the default set is expected; the same image changing the syscall audit configuration is, I think, not).
    Mirek
--
security mailing list
security@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/security

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Coolkey]

  Powered by Linux