On 03/03/2012 03:32 PM, Scott Doty wrote:
On 03/02/2012 04:16 AM, Tim Waugh wrote: They closed it as an upstream bug. Then upstream, there doesn't seem to have been an investigation of the bug(?), and it was resolved. Bug was closed "notabug" by freedesktop.org, since (they explain) this is a policy decision they've made, and not a flaw in the software. I've reopened the bug with this text appended to this message, and I'd also like to thank David Zeuthan for speaking up about what is truly a moronic security policy. -Scott This is the second time in two years that this has been brought up, and ignored. Let's not let it slip through the cracks this time, but make sure we get this straightened out. Can you please put me in touch with whomever is in charge of setting this policy? I would like to exchange correspondence with the group or committee. Or if you prefer, please point them at this bug, which I've reopened. It should be noted that in virtually all cases, the user can contact network printers on their own. It is actually less secure to ask for the root password for this case, because it isn't needed whatsoever to accomplish the task at hand. Thus, asking for the password does nothing but expose the plaintext root password to the system, which is an opportunity to intercept the root password Thank you for your time, especially on a weekend. :) -Scott |
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
