raising warning flag on firewalld-default feature

[Alek Paunov]

Hi Simon,

On 28.11.2012 14:43, Simon Lukasik wrote:
> I can't see how this is related to my latest post. And I can't see what
> leads you to think that cross-platform scanning is feasible today
> (standard-wise and performance-wise).
>

Please check this very informative post from Steve (OVAL board member):

http://www.mail-archive.com/devel@lists.fedoraproject.org/msg50625.html

We (the camp arguing for "flexible" configurations) should identify 
clever proposal at least conforming the following:

  * Will be able to be "cold" (statically) assessed through current or 
future OVAL (first and most important use-case - VM images evaluation, 
second - augeas and alike on the live systems, third - custom auditing 
agents)

  * Will looks cool for the sysadmins (the config languages users) (I am 
in doubt that any traditional scripting language will bring high score 
on this criteria)

  * Will enable desired (for the non-trivial cases) flexibility

Kind regards,
Alek