On Wed, 18 Nov 2009, Jeff Garzik wrote: > On 11/18/2009 07:45 PM, Mike McGrath wrote: > > Stick with the facts, be clear about what you're > > trying to accomplish (changing it back in F13? Changing it back in F12? > > Setting a policy so stuff like this doesn't happen again?) > > > 1) We should recognize this new policy departs from decades of Unix and Linux > sysadmin experience. > > 2) F12 policy should be reverted to F11, ASAP. Possibly with a CVE. > > 3) Due to #1, F13+ should not deviate from the decades-old default. > > 4) Release notes should explain new [and after step #2, optional] policy in > detail, including how to turn it off again. Seth's laudable write-up efforts > should not have been necessary -- that info should be prepared. > > 5) The people who want this new security policy should add an opt-in checkbox > in Anaconda or firstboot. > Does anyone disagree with anything in 1-5? It all sounds reasonable to me? -Mike -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
