On Apr 1, 2012 2:27 PM, "Rémy Oudompheng" <remyoudompheng@gmail.com> wrote:
>
> Le 1 avril 2012 01:56, Tom Gundersen <teg@jklm.no> a écrit :
> > * Remove /var/lock form valid paths. It is already forbidden, so should not be valid.
> > * Empty most of /lib. We want to empty /lib over time. This explicitly allows the subdirs
> > that would need a coordinated rebuild to empty, and disallows everything else.
>
> Why leave /lib/security? Can we coordinate a pam rebuild?
>
> Rémy.
Sure, it would be the next step. Then the kernel modules. Only reason I left it in is that we have not done it yet. I guess you are right and that we might as well remove security now and do a rebuild asap.
Do you want to removed it or should I send a new patch?
T