Re: policies for access to local resources
Previously Raul Miller wrote:
> However, it would probably be a good idea to give the people who have
> security concerns an easy way of avoiding this solution when building
> large sets of machines.
This is largely orthogonal to the current issue, but it would be nice if
d-i had a 'select machine type' option where people could select between
'private machine on private network', 'shared machine with trusted
users', 'shared machine with untrusted users', 'server' or something
similar which would affect:
* default firewall (block/allow all incoming connections)
* package selection (do/don't install pam_console for example)
Wichert Akkerman <email@example.com> It is simple to make things.
http://www.wiggy.net/ It is hard to make things simple.