On Tue, 2019-11-26 at 08:14 -0800, Adam Williamson wrote: > On Tue, 2019-11-26 at 09:45 +0100, Dominique Martinet wrote: > > Adam Williamson wrote on Mon, Nov 25, 2019 at 03:55:28PM -0800: > > > I gotta say +1 too. I don't buy that there's a significant 'hardening' > > > benefit worth all the effort mentioned in the Change *plus* the > > > additional consequences Kevin and Martin pointed out. At minimum I'd > > > like to see a much more convincing case that people are creating users > > > without passwords without understanding what they're doing. > > > > FWIW this has happened at an association I help at -- they had VMs with > > no root password set, and users created by puppet some of whom have > > sudo. > > They just expected no root password = no login possible, but it turns > > out 'su' just gave out a root shell with no password entered... > > Uh. This sounds odd. How exactly did they do this? Making a root > account with no password is not that easy; you can't do it > interactively through anaconda, I don't even know if you can do it with > a kickstart. So they figured out how to do it post-install but somehow > didn't at the same time figure out what doing it means? Never mind, I see this was answered already. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
