From: Jeremy R. <jj...@ri...> - 2009-04-02 16:50:37
|
A drawback is that you can't manage anything else about the files, such as their ownership and permissions. Depending on your needs for security, that may or may not be an issue (and I honestly don't know if "repair permissions" on Mac OS X would mitigate it at all, since those files shouldn't be listed in any of default installer packages for the OS). But a benefit is that -- unlike the negative/scripting approach -- you don't have to introduce the complexity of another script. The script will have maintenance overhead for itself, its support system (i.e. running at startup), and for the command files it is in. I've been thinking about moving to excludes for SSH host keys, myself, but haven't made that change. It seems a reasonable one to make. -- Jeremy Reichman |