Ed Brown ([EMAIL PROTECTED]) said: > Sorry, but 'sensible security' sounds too much like politico or salesman > speak for "everything works out of the box!"
When the alternative is "wait, you can't talk to the network because ISDN/bridge tools/etc. aren't installed", absolutely. The reason things like that are installed in the default minimal install is that there's not a good mechanism to automatically grab hardware-specific packages specific to your machine. If something like that comes around, that can change. In the meantime, "%packages --nobase" in kickstart should solve your needs - if you're trying to install a large group of servers, you absolutely should be using kickstart. > Unless RedHat gets more involved in the preparation of the secure > configuration guides, and/or publicly documenting their disagreements > with specific recommendations, Well, I'm not sure scouring the net for guides to disagree with is practical, but critiquing some of the common ones could be useful. > and implementing (or offering optional > implementation, or extra tools to help implement) a more secure > installation https://fedorahosted.org/sectool ? Bill _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
