Hello Folks, I support keeping any additional security on my default. I would alctually support having more security enabled by default in any cloud image since it is most likely sitting on top of an environment you don't directly manage (Amazon EC2).
Would it make more since to trigger an additional configuration dialog that would help with fine-grained configuration of the images security features. This could be a script based config triggered after Anaconda finished. I know this would be yet another feature to develop and implement, but I would prefer to have a cloud image "locked down" as much as possible by default, but make it as simple as possible for a novice to disable features they may not need. This is a good debate though. Wilbur On Wednesday, September 11, 2013, Dennis Gilmore wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > El Tue, 10 Sep 2013 23:36:01 -0400 (EDT) > Sam Kottler <skott...@redhat.com <javascript:;>> escribió: > > Greetings, > > > > Given the deny-by-default nature of security groups I think it makes > > sense to disable firewalld in the AMI's. I haven't seen any other > > AMI's that have a firewall enabled by default and we probably > > shouldn't break that pattern IMO. > > > > Thoughts? > > Lets not, for one the image in EC2 is exactly the same image we make > available for download in any and every cloud provider or for use on > your local machine with a suitable local metadata service provider. > > use in EC2 is only a portion of the use of the image. > > Dennis > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.21 (GNU/Linux) > > iEYEARECAAYFAlIwre4ACgkQkSxm47BaWfd//wCfbqOfJn2M8CKjcHCiLRd+9TsR > YvoAnRDY4/1A5bCONiR+QlVyHIVNyFs0 > =3Pzs > -----END PGP SIGNATURE----- > _______________________________________________ > cloud mailing list > cloud@lists.fedoraproject.org <javascript:;> > https://admin.fedoraproject.org/mailman/listinfo/cloud > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct > -- Wilbur K. Smith wilbur.k.sm...@gmail.com
_______________________________________________ cloud mailing list cloud@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/cloud Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
