Bastille on F10?
Kevin Fenzi
kevin at scrye.com
Mon Dec 15 18:18:48 UTC 2008
On Mon, 15 Dec 2008 09:19:57 -0500
Todd Denniston <Todd.Denniston at ssa.crane.navy.mil> wrote:
> Certain paranoid (they are out to get us :) organizations have rules
> that indicate that: if certain capabilities of a computer system are
> not needed to accomplish the job assigned for that computer, then
> remove|block|disable|destroy that capability.
Sure. What sort of things does Bastille do that for these days?
> i.e., if the job does not need USB capability, remove USB capability
> from the OS or put hotglue in the ports.
>
> Bastille has been getting upgrades lately to check and set things in
> the Linux based OSs to the standards of some of those organizations,
> leaving the hardware available for use if the machine gets repurposed.
How does it do so? blacklisting modules? Removing them?
And how does it know which things you don't need/intend to use?
Asking the user?
kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20081215/1b2e25ee/attachment-0001.sig>
More information about the fedora-list
mailing list