Le lundi 16 février 2009 à 12:59 +0100, Christoph Anton Mitterer a écrit : > On Mon, 2009-02-16 at 08:11 +0100, Julien Valroff wrote: > > Added to SVN - will be part of the next upload. > > What a strange name for a man page ! > Yeah it is :-) Thanks. > > Actually that's a bigger "problem" here. > There are many packages in Debian which produce suspicious files or so. > e.g. I have to add: > ALLOWPROCDELFILE=/usr/sbin/anacron > ALLOWPROCDELFILE=/bin/dash > ALLOWPROCDELFILE=/bin/run-parts > on nearly each system. > > And firefox/xulrunner also as for example some deleted files that he's > using. > > > Should we add all these files to the default config (of course > commented)?! No, I am not for this. It is the sysadmin's responsibility to check what should or should not be whitelisted. Giving some examples is ok, especially for "strange" files like .k5login.5.gz, but I don't think adding numerous commented examples would be good (and adding *all* possible files would not even be possible anyway).
Cheers, Julien -- Membre de l'April - « promouvoir et défendre le logiciel libre » - http://www.april.org Rejoignez maintenant près de 4 000 personnes, associations, entreprises et collectivités qui soutiennent notre action -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
