On Thu, Dec 13, 2007 at 11:31:30AM -0500, Eric Paris wrote:
I actually talked to the sysctl.conf owner first who said "if it
is a
good default for everyone turn it on in the kernel"
Ah, I meant in a regular init script and using /etc/sysconfig/security
or something.
which i tended to agree with. But I like Eric's way of enabling
it
better, especially since now every distro will have to choose to
enable/disable rather than just having it ignorable.
Yeah, config option upstream is definitely the sanest way forward. :)
cheers, Kyle