Mailinglist Archive: opensuse-factory (626 mails)

< Previous Next >
Re: [opensuse-factory] Experience of switching to Factory from Ubuntu
  • From: Alberto Passalacqua <alberto.passalacqua@xxxxxx>
  • Date: Fri, 21 Mar 2008 08:45:14 -0500
  • Message-id: <1206107114.7427.3.camel@xxxxxxxxxxxxxxxxxx>

Il giorno ven, 21/03/2008 alle 14.03 +0100, Oliver Neukum ha scritto:
Am Mittwoch, 27. Februar 2008 20:37:21 schrieb Alberto Passalacqua:
About the "Use the same password for root", I think it's plain wrong.
Using the same password for root and the user reduces security.

Does it? If we don't offer it, people can do it anyway. But if they do
it anyway, we give an attacker a cryptographical advantage by encrypting
the same password twice.

You assume that the attacker know we are using the same password.
Anyway, until that option is _unselected_by_default, as in alpha 3, it's
not a concern for me. I just hope it will stay that way, because,
according to rumours on IRC, it's supposed to be selected by default.

If someone explicitly selects that, it's his fault.

With kind regards,
Alberto

---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx

< Previous Next >
List Navigation
Follow Ups
References