> I thought that might be the case, but seems like the needs to change
> to meet the "secure by default" goals.
SBD does not apply in this case, AFAIK.
> I doubt an administrator plugging his usb memory key into a system
> wants everyone on the campus to have access to it right away.
Once the RFE I mentioned is implemented, admins should be able to set a
mandatory GCOnf policy. OTOH, once that RFE is implemented, perhaps we
can flip the default policy to a more secure one.
> Since you know about this change, can you tell me what part of hald is
> responsible for setting the permissions this way? If you have to dig
> for it, nevermind, I'll find it myself, just asking if you knew "off
> the top of your head."
tamarack-discuss mailing list