Thanks for following up on this.

There are many instances when a user will be allowed access to a
particular path, and not the containing directory's file list.  Take a
mail server for example, where a mail system user creates directories
where users have access to their own files and folders, but not
each other's.  It's also good for /home directory parents so people
don't go perusing for other users... but they certainly can rwx their
own /home/user/*

In any case it's VERY misleading to have an explicit command
completely ignored by an unstated policy.



On Jul 27, 5:18 pm, Peter Meier <peter.me...@immerda.ch> wrote:
> Hi
>
>
>
> >> Could you outline what you'd like to have in this policy. Not explicitly
> >> for this question you raised but more in general. Maybe it's indeed
> >> interesting to have one.
>
> > As someone who works as a security professional and has spent the
> > last week interacting with a small army of auditors I vote that
> > security policy is often a pain in the arse. :)
>
> > There are some examples of FOSS security policies:
>
> > http://www.debian.org/security/
> > http://www.netbsd.org/support/security/
>
> > And of course Google will show a few more up - I believe Mozilla has
> > one.
>
> > Generally speaking they define a few basics:
>
> > 1.  Who is accountable for security
> > 2.  What to do if you find a security issue and where to report
> > security issues
> > 3.  How security patches are handled
> > 4.  The project's disclosure policy
>
> ic, thought it's going into this direction, but wasn't sure. thanks!
>
> cheers pete
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
