Bug 133711 - RFE: Console policy in firstboot to set RHEL4 behaviour and help lockdown
RFE: Console policy in firstboot to set RHEL4 behaviour and help lockdown
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: firstboot (Show other bugs)
5.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Chris Lumens
: FutureFeature, Reopened
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-09-26 14:19 EDT by Alan Cox
Modified: 2009-01-28 08:32 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-01-28 08:32:20 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Alan Cox 2004-09-26 14:19:51 EDT
Logging this discussion for the future.

[Alan]
> for example be happy that a user could understand the following along
> with the other security related bits at install/firstboot
>
> Which of the following best describes this system
>
> [X]   Personal laptop or desktop. Anyone with physical access to the
>       machine can be reasonably trusted to use USB, floppy and CD-ROM
>       devices attached to the machine, or to administer it.
>
> [ ]   Corporate desktop. Users with physical access may not be trusted
>       to administer the machine but are permitted to power it down and
>       use the USB floppy and CD-ROM devices.
>
> [ ]   Locked down. Users with physical access may not be trusted. No
>       administrative rights or trust are implied by physical access
to the
>       computer.
>
> At a higher level that is the dialog I'd like to see as a system
administrator
> when doing an install (or scripting kickstart).
           
[Owen]                                                               
     
I have no trouble asking the user a very small number of high level
questions that let us establish reasonable defaults. Something like
above set of choices (modulo quibbles) looks fine to me.
                                                                     
          
What needs to be avoided is interrupting the user's work flow to ask
them to make security judgment calls.
Comment 1 RHEL Product and Program Management 2007-10-19 15:17:40 EDT
This bug is filed against RHEL 3, which is in maintenance phase.
During the maintenance phase, only security errata and select mission
critical bug fixes will be released for enterprise products. Since
this bug does not meet that criteria, it is now being closed.
 
For more information of the RHEL errata support policy, please visit:
http://www.redhat.com/security/updates/errata/
 
If you feel this bug is indeed mission critical, please contact your
support representative. You may be asked to provide detailed
information on how this bug is affecting you.

Note You need to log in before you can comment on or make changes to this bug.