On Fri, 2015-01-30 at 14:03 -0800, Adam Williamson wrote: > I think the main point is the one nirik made; I don't think the devs > agree with your assessment of how significant this is. It's a minor > inconvenience; you just have to come up with a password that passes > the check, or use a kickstart. So I don't think they agree that it > needs a full-blown security audit and FESCo review or whatever, > because they don't think it's really that huge of a change in > behaviour. Having to come up with a password that passes the check is not 'a minor inconvenience'. Given how capricious libpwquality is about scoring (there have been some examples in this thread, there are more in gnome-initial-setup bugs), it is next to impossible. This discussion has been pretty heated, but I agree with there being some aspect of 'collective punishment' here: just because _some_ systems get installed with sshd enabled, all users who install the Workstation have to spend a couple of frustrating minutes trying to find a password that gets them past this hurdle. If this change stays, I anticipate the Workstation WG asking for a way to the workstation installer not enforce this. I know the anaconda folks are not eager to add variations like this, but that is exactly what we need: If you want to enforce product-specific policy in the installer, it needs to be a product-specific installer. -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
