More PATH fallout. Who decided this was a good idea?

Jeff Spaleta jspaleta at gmail.com
Sun Dec 7 23:29:47 UTC 2008


On Sun, Dec 7, 2008 at 5:54 AM, Steve Grubb <sgrubb at redhat.com> wrote:
> Hope you find this informtion useful.

Well it's certainly going to make for a more rational discussion.

I still come back to one thing.  Could the file permissions be
implemented differently so that CAPP compliance could be a system
install time choice, instead of being expressed in the configuration
of all installs?

Sort of how we make it possible for people who care about LSB
compliance to be able to install the necessary bits without enforcing
compliance on everyone else. Just sort of, I'm not suggesting security
compliance and LSB compliance are anywhere close to the same thing in
scope.

But what I am saying is that I'm not sure the restrictions and
assumptions behind the logic of CAPP makes a lot of sense for our
default target usecases.  We don't currently have a server target for
example, and I'm not sure CAPP can be applied to something like a
laptop desktop case without warping spacetime.

So taking a look at how CAPP compliance is handled now, could some of
the restrictions like the permissions be handled in a more modular
way? Could for example, things be changed so I could install a
specialized fedora-CAPP package at install time which tightens up
aspects of the system to bring it into CAPP compliance, instead of
expressing those restrictions in the defualt settings of all installs?

-jef




More information about the fedora-devel-list mailing list