Mailinglist Archive: opensuse (1165 mails)

< Previous Next >
[opensuse] Re: Should openSUSE review it's Security Policies?
  • From: Jim Henderson <hendersj@xxxxxxxxx>
  • Date: Fri, 2 Mar 2012 13:55:41 +0000 (UTC)
  • Message-id: <jiqjgt$413$1@dough.gmane.org>
On Fri, 02 Mar 2012 13:23:13 +0000, Dave Howorth wrote:

There's been a huge amount of discussion in this thread about many
different use cases. But I don't think requirements analysis is really
the difficult bit. I think Werner's right.

Does anybody have any concrete suggestion for how the system should
behave? (Or better yet, some code to implement it! :)

I suggested that there be a few security profiles - a low security,
medium security, and high security profile.

Along with a tool that's easy to use to tweak the policykit policies in
the event that one of the presets doesn't meet the needs precisely enough.

Default to the medium security profile. Let the user pick an option at
install time, and give them a YaST module to change it if it's too
restrictive (or not restrictive enough).

The user should be able to see what the policy currently lets them do.

Jim

--
Jim Henderson
Please keep on-topic replies on the list so everyone benefits

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
Follow Ups