On Thu, Jan 15, 2015 at 11:25 PM, Adam Williamson <adamwill@xxxxxxxxxxxxxxxxx> wrote: > On Thu, 2015-01-15 at 12:08 -0800, Brian C. Lane wrote: >> >> 2. Don't allow weak root passwords at all. Remove the double done >> click to bypass it. This will annoy me while installing vms >> repeatedly, but it is an improvement while still allowing remote >> access. > > It will also make QA people hate our lives. srsly, sounds like a small > thing, but typing 'correcthorse' 25,674 times during a release cycle > will drive me freaking batty. if we go to onerous root pw > requirements, we're really gonna need a sekrit cmdline switch to > disable it or something. I have to agree. I dislike this feature so much I'd rather read of some small corner of the Internet burn because one of our users had too much gin one night while configuring Fedora, used 12345 as their root password, and the computer was made part of a giant botnet overnight. I assume that's the sort of thing we're trying to prevent? Preventing collateral damage? Because baby sitting users who can't be bothered to set sufficiently strong passwords is really inappropriate. -- Chris Murphy _______________________________________________ Anaconda-devel-list mailing list Anaconda-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/anaconda-devel-list
