On 11/19/2009 04:45 PM, Richard Hughes wrote: > So obviously we need some middle ground. I guess if the spins > "personalise" the package set then they should also personalize the > security defaults. e.g. a server spin would not include PackageKit at > all, and default to not letting users change the time. A desktop spin > would allow the desktop user to do most things without a administrator > password. The tricky part is deciding a default policy that is > suitable for all the people using Fedora, which honestly, I think is > impossible. Right. The alternative really is defining the roles and the target audience clearly for distinct set of policies and allowing the user to trivially select it during or post-installation. So if I pick "personal desktop", the change you made makes sense. If on the other hand, I choose "workstation" profile, I would obviously need a more locked down profile. Rahul -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
