Re: [EXT] Proposal to extend os-release/machine-info with field PREFER_HARDENED_CONFIG

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hallo Ulrich, thank you for taking the time to read my proposal.

> Probably because "secure" isn't considered to be "comfortable" by a majority
> of users.

Indeed.

> I think os-relesase describes the operating system, not policies.

You are right. Perhaps machine-info would be a better fit than os-release.
 
> Wouldn't /etc/default/* be the place to look such things up?
 
I am not sure. Is /etc/default standard across distributions? AFAIK it's Debian specific.
We should be looking to address this issue in a distribution independent way, shouldn't we?
 
> You are saying: If we don't get THIS, we get NOTHING instead?
> I would disagree.

My point is that currently there is no way for an administrator/package maintainer to consistently and globaly request/provide secure configuration settings as a default. If there is one (and since you disagree, there seems to be one) I'd like to learn more about it. Could you please post a link to some more information?

Best 
Stefan
[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux