On Fri, 2003-03-07 at 17:25, Pierre Fortin wrote: ... > In this case, I *want* 700... no sane automated "security" system should > ever *reduce* security levels setup by the owner... it's downright nasty > IMNSHO... ... > <rant> > msec should check existing permissions when run; if they are tighter than > what would be set, LEAVE THEM ALONE *AND* RECORD the settings as the > MINIMUM for the current level -- in other words, if /home/* are 700 at > level 3, the user tries level 4, and goes back to 3, the perms should > still be 700! > > NEVER EVER reduce security levels set by the owner! It's downright > irresponsible... and NO, telling the users to add local rules after lower > their security is not acceptable -- fix the logic! > </rant>
I do agree with you, but I also see Mandrake's point and I think that this comes from several distros of telling people that a workstation OS clearly not intended as a server should be using levels 4 and 5 and buckled tighter than NORAD. User installs system, user follows installer recommendation and chooses level 4. User spends several days trying to make Level 4 work before realizing that msec is the problem. Now, in your recommendation user must wipe the disk and start over from scratch. In msec's current implementation, user simply alters the security level to 3 and the system heals itself (in theory). -- Jack Coates Monkeynoodle: A Scientific Venture...
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
