On Thu, 19 May 2011 13:40:47 -0400 aragonx@xxxxxxxxxx wrote: > Isn't that only part of the > solution? Why would we ever need to have PermitRootLogin to > true? My memory is a little rusty but I'm pretty sure the install > forces the creation of a user account. No, it does at firstboot. If you install a headless machine, you have no way to make a user without logging in as root and making one. > I've never done a > headless install so I know nothing about how that works. However, we > shouldn't let a minority of installations compromise the security of > the majority. As someone has already pointed out, can't they have a > different spin to allow whatever they might need? I think there are solutions to this, but they should be worked with the anaconda folks, rather than here. ;) > Are there any > other services that are listening by default and allowed through the > firewall? I believe there should be none of either. However, I > have been called paranoid in the past. :) Nope. Not on a default install anymore I don't think... kevin
Attachment:
signature.asc
Description: PGP signature
-- security mailing list security@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/security
