James Carlson wrote: > Wyllys Ingersoll writes: >>> It really isn't. /etc/security contains configuration data for >>> system-wide OS security subsystems like auditing, RBAC, and Trusted >>> Extensions. Lots of other services have their own security-relevant >>> configuration settings, but they are kept in their own service >>> configuration files and directories, usually under /etc/<service>. >>> >>> Scott >> Is there a stated rule-of-thumb for using /etc/security? I'm not >> objecting to moving the tor config file, I'm just looking for >> some sort of precedent or consensus. > > The only one I know of is in filesystem(5): > > /etc/security > Basic Security Module (BSM) configuration files. > > The directory seems to predate the ARC. > > I agree with Scott that outside of /etc/security is a better idea. > The file configures this service; it doesn't configure system > security. >
OK, I will move it to /etc/tor filesystem(5) should probably be updated at some point to reflect its current, broader, uses - system-wide security settings for crypto, BSM, KMF, PAM, RBAC, TPM, and TX. -Wyllys
