From release notes for FC5T3 (web)
Rahul Sundaram
sundaram at fedoraproject.org
Tue Mar 7 17:28:01 UTC 2006
Bruno Wolff III wrote:
>On Tue, Mar 07, 2006 at 21:10:12 +0530,
> Rahul Sundaram <sundaram at fedoraproject.org> wrote:
>
>
>>Just having a program with a security hole on disk through a
>>"everything" installation that you dont use is a potential problem that
>>leaves room for an exploit. Basically dont install stuff that you wont
>>use and audit everything that you install and use carefully. SELinux
>>does go a long way towards preventing many of these issues but the
>>default targeted policy in Fedora doesnt restrict all the programs
>>unlike the alternative strict policy which might require a good amount
>>of customization for regular use.
>>
>>
>
>And just walking around outside risks getting struck by a lightning bolt.
>
>
That looks like a poor analogy. Software security issues occur way more
often than people getting struck by lightning bolts.
>However the vast majority of the packages on Fedora don't fall into those
>categories. And security is not a reasonable excuse for not making it easy
>to install them.
>
>
I am all in support for making it easier to install all the packages
post installation and when Fedora Core shrinks in size to fit specific
user requirements without redundancy like multiple language packs.
--
Rahul
More information about the fedora-list
mailing list