-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Monday 16 June 2008 16:31:58 Philipp Marek wrote:
> This would (in my default-debian case) mean:
> - no asterisk
> - no squid
> - no logcheck
[...]
Perfect! Most of these may include sensitive information. Some are, in
my opinion, stupidly restricted, e.g.:
> - no at.deny
But we're not going to change the world in a day. Assuming fsvs
attracts enough users, those users could lobby package maintainers to
relax where apropriate. In the meantime, we just need the best
possible coping mechanism(s).
So how best to cope? These points assume that fsvs is being used for at
least /etc:
1) Allow "include", "ignore" or "gpg commit-pipe" as the action to take
for files that are not world readable. I think a default of
"gpg commit-pipe" would be more useful to more people for /etc.
2) Either way, provide useful diagnostic output that indicates what's
going on.
3) This tilts me toward "/etc versioning as a separate fsvs-config"
package. Otherwise, you end up with a conditional or extraneous
dependency on gnupg that some users won't want.
Ciao
Sheldon.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFIVn3QpGJX8XSgas0RAhFEAKCm3L5emWK90uVQxRyNLgyUBsgQAQCdHfUc
3u+n+451EGyERCcBiPh4pZw=
=N0pp
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
