Security policy oversight needed?
Bill Nottingham
notting at redhat.com
Thu Nov 19 19:56:33 UTC 2009
Colin Walters (walters at verbum.org) said:
> > Which is why you do it with specifically selected policy packages, and
> > not trying to write out files in %post. Create a set of policy packages
> > that define certain user cases, and pick from those as you construct a
> > spin.
>
> This makes sense to me; but there are details to work out.
>
> * Do we have any guidelines on what the policy should be in upstream
> source? Corresponding Fedora RPMs?
No, but we probably should.
> * Do we have a fedora-default-policykit-policy?
polkit-desktop-policy?
> * How do we get this installed on upgrades? Code in preupgrade?
In that case, it gets pulled in as a gnome-session dependency.
Bill
More information about the fedora-devel-list
mailing list