[opensuse] Re: Should openSUSE review it's Security Policies?
Dr. Werner Fink wrote:
Please do not ignore that I'm paid primarily for SLES products and less for openSUSE. OpenSUSE is a community project and if I find time to work on OpenSUSE I'll do this. The last few months I've been busy with SLES11-SP2 on several architectures and also very busy to solve several bugs with ksh93. There was sparse time for OpenSUSE:(
This "policy" is a show stopper in the corporate world. Companies will not use openSUSE if it prevents employees from using the computers away from the office. The customers which hit my bugzilla are using SLES and I've to solve those entries. There is no time for arrogance as the time lines are well defined for SLES products (24/7). Bugs of my packages which had hit me on SLES products I've also fixed for my packages on openSUSE.
Security requirements for a server are quite different for a desktop system, particularly when that desktop is a notebook that's intended to be used in mulitple locations. Server printers should definitely require root to configure and I don't see many servers running WiFi. So, what's good for one environment may not be appropriate for the other. In setting security policy, there's no such thing as "one size fits all" and the details should be configurable. As I mentioned, I have no problem with that securty profile that requires root password for WiFi and printers, provided it's not mandetory, as it appears to be now. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Fri, Mar 02, 2012 at 10:15:39AM -0500, James Knott wrote:
Dr. Werner Fink wrote:
Please do not ignore that I'm paid primarily for SLES products and less for openSUSE. OpenSUSE is a community project and if I find time to work on OpenSUSE I'll do this. The last few months I've been busy with SLES11-SP2 on several architectures and also very busy to solve several bugs with ksh93. There was sparse time for OpenSUSE:(
This "policy" is a show stopper in the corporate world. Companies will not use openSUSE if it prevents employees from using the computers away from the office. The customers which hit my bugzilla are using SLES and I've to solve those entries. There is no time for arrogance as the time lines are well defined for SLES products (24/7). Bugs of my packages which had hit me on SLES products I've also fixed for my packages on openSUSE.
Security requirements for a server are quite different for a desktop system, particularly when that desktop is a notebook that's intended to be used in mulitple locations. Server printers should definitely require root to configure and I don't see many servers running WiFi. So, what's good for one environment may not be appropriate for the other.
In setting security policy, there's no such thing as "one size fits all" and the details should be configurable. As I mentioned, I have no problem with that securty profile that requires root password for WiFi and printers, provided it's not mandetory, as it appears to be now.
You've asked by a PM and my answer was a PM ... why can I read this now on the mailing list? Werner -- "Having a smoking section in a restaurant is like having a peeing section in a swimming pool." -- Edward Burr -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Dr. Werner Fink wrote:
You've asked by a PM and my answer was a PM ... why can I read this now on the mailing list? Sorry, my mistake.
I normally read email with minimal headers shown, so I didn't notice it was an off list message. Since it appeared to be part of the thread, I changed the To: address, as you have to do on this list for list messages. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (2)
-
Dr. Werner Fink -
James Knott