[openstack-dev] [openstack-ansible] Security hardening
Matthew Thode
prometheanfire at gentoo.org
Thu Sep 10 16:57:14 UTC 2015
On 09/10/2015 11:33 AM, Major Hayden wrote:
> On 09/10/2015 11:22 AM, Matthew Thode wrote:
>> Sane defaults can't be used? The two bugs you listed look fine to me as
>> default things to do.
>
> Thanks, Matthew. I tend to agree.
>
> I'm wondering if it would be best to make a "punch list" of CIS benchmarks and try to tag them with one of the following:
>
> * Do this in OSAD
> * Tell deployers how to do this (in docs)
> * Tell deployers not to do this (in docs)
>
> That could be lumped in with a spec/blueprint of some sort. Would that be beneficial?
>
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
I think that'd work, it'd also allow discussion on if something should
be in each section as well.
--
Matthew Thode
--
-- Matthew Thode (prometheanfire)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150910/a2ccf80e/attachment.pgp>
More information about the OpenStack-dev
mailing list