|
On 01/12/2015 08:05 AM, P J P wrote:
Again, issue being addressed is not of brute force attacks. But that of such attacks resulting in gaining 'root' access to remote machines. They are two distinct issues. There still needs to be an administrative access to the system, and the most common implementation by enabling 'sudo' on the non-privileged account. So, in a sense you are both right: this feature is just a small step rather than a security panaceum, but it does bring real improvements in several areas: - increases difficulty of the attack by banning stupid automated BF attacks on root - improves accountability for administrative actions (we know which admin messed up :) - allows more granularity in granting elevated privileges across a set of machines and admins |
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
