On Sun, Dec 7, 2008 at 5:54 AM, Steve Grubb <sgrubb@xxxxxxxxxx> wrote: > Hope you find this informtion useful. Well it's certainly going to make for a more rational discussion. I still come back to one thing. Could the file permissions be implemented differently so that CAPP compliance could be a system install time choice, instead of being expressed in the configuration of all installs? Sort of how we make it possible for people who care about LSB compliance to be able to install the necessary bits without enforcing compliance on everyone else. Just sort of, I'm not suggesting security compliance and LSB compliance are anywhere close to the same thing in scope. But what I am saying is that I'm not sure the restrictions and assumptions behind the logic of CAPP makes a lot of sense for our default target usecases. We don't currently have a server target for example, and I'm not sure CAPP can be applied to something like a laptop desktop case without warping spacetime. So taking a look at how CAPP compliance is handled now, could some of the restrictions like the permissions be handled in a more modular way? Could for example, things be changed so I could install a specialized fedora-CAPP package at install time which tightens up aspects of the system to bring it into CAPP compliance, instead of expressing those restrictions in the defualt settings of all installs? -jef -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
