On Nov 20, 2007 2:31 PM, Alex Noordergraaf <Alex.Noordergraaf at sun.com> wrote: > Darren J Moffat wrote: > > I've given this a lot of thought and I've finally come a conclusion. > > > > Ideally I would prefer to see more (maybe not all) the changes that JASS > > makes to the default configuration made the default configuration in the > > relevant consolidations (mostly this is ON). My recent thread on > > As an aside - I think that the direction for default changes should work > towards alignment with consensus standards such as CIS. > > > stronger password defaults is a step in that direction. However until > > Agreed. > > > such times as we have done that AND we have somewhere in the system the > > equivalent of the JASS auditing (config check) capability I think we > > need JASS to continue. > > Absolutely agree. > > > So I'm supporting this project with the main goal of it being to > > actually get as much as possible out of JASS and make it smaller as time > > goes on. I would like to see the new JASS project team work with the > > SMF and Install communities/projects to achieve this, with the ultimate > > goal being JASS is no longer a separate component or feature. > > > > I think we do need a source repository for this but I'm not sure about > > the need for a separate mailing list from security-discuss - in fact > > given that the goal is integration and the amount of work that needs to > > be done with other opensolaris.org communities I think a separate list > > initially would be detrimental to that goal. > > > > So: +1 > > Fantastic. Thanks to Glenn/Dan for their approval as well. > > In order to make this happen need additional support from members of the > community. > > So, community members, if you are interested in having this happen > please speak up!
I am all for this! Thanks, - Ryan -- UNIX Administrator http://prefetch.net
