Re: Fedora change that will probably affect RHEL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Once upon a time, Warren Young <wyml@xxxxxxxxxxx> said:
> Much of the evil on the Internet today — DDoS armies, spam spewers, phishing botnets — is done on pnwed hardware, much of which was compromised by previous botnets banging on weak SSH passwords.

Since most of that crap comes from Windows hosts, the security of Linux
SSH passwords seems hardly relevant.

> Your freedom to use any password you like stops at the point where exercising that freedom creates a risk to other people’s machines.

Your freedom to dictate terms to me stops at my system, which you cannot
access even if I set the password to "12345".  You are making an
assumption that every Fedora/CentOS install is on the public Internet,
and then applying rules based on that (false) assumption.

When root can override a password policy after install, forcing a policy
during install is nothing but stupid and irritating.  Despite what was
said on the Fedora list, this was an active change taken by anaconda
developers (to take out the "click again to accept anyway" option), so
they should expect people to complain to them and be prepared to handle
the response.

-- 
Chris Adams <linux@xxxxxxxxxxx>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux