؛/ٍُِ
On Fri, May 17, 2019 at 10:35 PM Kevin Fenzi <kevin@xxxxxxxxx> wrote:
On 5/17/19 5:23 AM, Stephen Gallagher wrote:
...snip...
PLEASE I AM NOT SUBSCRIBING THIS THREAD AND ALL FEDORA ANYMORE IAM NOT IN GSOC I DO NOT WANT THESE MAILS PLASE !!!!!!!!!!!!!!!!!!!!!!!!!!!
> 3) Force Anaconda to require the creation of a non-root user that is a
> member of the `wheel` group, so that this user can be used to SSH in
> and administer the system. Essentially, remove the root user creation
> spoke as an option from the interactive install.
So, this is basically the old cloud-init makes a user that can sudo to
root thing. Can anyone explain in small words how this is more secure?
I mean, in this case the attacker would need to guess the username in
addition to the password (where in the cloud cause this is known), but
otherwise why not just keep root password access ?
I always found that cloud default anoying and useless and haven't yet
seen a good argument to not do it.
kevin
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
