Hi
On Thu, Mar 3, 2022 at 5:07 PM Lennart Poettering wrote:
There have been various requests of generalizing this, and making it
available for any kind of service, not just portable services. I'd be
onboard with that actually, but there are some unanswered questions
regarding how distros and packages would start switching to a world of
profiles, where suddenly things are locked down by default. But it
would be a different model then: instead of individually turning on
knobs, each software would pick a profile to use, and every year or so
would be expected to update to a more current profile with stronger
protections. If it doesn't do that it would continue to work, but it
would be clear it is security-wise out of date.
All of this sounds pretty nice, I would certainly be interested in adopting something like at work and will try to keep an eye on PR's related to this. Feel free to tag me for testing/feedback etc whenever this is being worked on, would be happy to help.
Rahul
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure