Gene Czarcinski (gene@xxxxxxxxx) said: > Keep it simple (KISS) for the initial attempt. It will grow more complicated > all by itself as time passes. > > BTW, the security policy should assume that a grub password is in use so that > a user cannot do something like disabling selinux by editing the kernel > command line. This should be tested by the security QA. That seems very broken. A security policy that is violated on every single out of the box install that doesn't do customization? Bill -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list