Re: policies for access to local resources

To: debian-ctte@lists.debian.org, 166718-quiet@bugs.debian.org
Subject: Re: policies for access to local resources
From: Raul Miller <moth@debian.org>
Date: Thu, 1 Apr 2004 07:55:40 -0500
Message-id: <[🔎] 20040401075540.W24398@links.magenta.com>
In-reply-to: <[🔎] 20040401123804.GD28856@wiggy.net>; from wichert@wiggy.net on Thu, Apr 01, 2004 at 02:38:04PM +0200
References: <8765ck122g.fsf@glaurung.internal.golden-gryphon.com> <[🔎] 20040401072940.V24398@links.magenta.com> <[🔎] 20040401123804.GD28856@wiggy.net>

On Thu, Apr 01, 2004 at 02:38:04PM +0200, Wichert Akkerman wrote:
> This is largely orthogonal to the current issue, but it would be nice if
> d-i had a 'select machine type' option where people could select between
> 'private machine on private network', 'shared machine with trusted
> users', 'shared machine with untrusted users', 'server' or something
> similar which would affect:
> 
> * default firewall (block/allow all incoming connections)
> * package selection (do/don't install pam_console for example)

You're right that this is largely orthogonal to the current issue.

However, I do not think it's largely orthogonal to the solution space we
need to be addressing to resolve this local resources issue.  This issue
came up at least in part because of our current approach to security
administration and machine configuration.

It would probably be appropriate to issue some longer-term advice in
addition to any recommendations on pam_console.

-- 
Raul

Reply to:

References:
- policies for access to local resources
  - From: Raul Miller <moth@debian.org>
- Re: policies for access to local resources
  - From: Wichert Akkerman <wichert@wiggy.net>

Prev by Date: Re: policies for access to local resources
Next by Date: Re: Referring bug #166718 and the initial groups issue to the TC
Previous by thread: Re: policies for access to local resources
Next by thread: Re: policies for access to local resources
Index(es):
- Date
- Thread