Mailinglist Archive: opensuse-factory (905 mails)
| < Previous | Next > |
Re: [opensuse-factory] openSUSE updater broken
- From: "Rajko M." <rmatov101@xxxxxxxxxxx>
- Date: Sun, 1 Jun 2008 23:40:23 -0500
- Message-id: <200806012340.23118.rmatov101@xxxxxxxxxxx>
On Saturday 31 May 2008 12:12:20 pm Casual J. Programmer wrote:
https://bugzilla.novell.com/show_bug.cgi?id=381420
This is the same discussion as this one.
Without idea how most of the users respond to system request for more
passwords discussion leads nowhere. Even hundred ridiculous passwords are not
safer than one good, and taking that most of the people tend to easy
solutions, asking for one password may produce more good passwords than
asking for 2.
Besides what prevents users to use the same password for both, with more
hassle to fill extra fields. System can't refuse password because it is
already in use; that would be security hole.
It would be better to discuss how to force certain password properties in an
easy way. For instance by giving option to use one of few random proposals.
https://bugzilla.novell.com/show_bug.cgi?id=371811
This not the same topic.
In case where machine is used by single physical user, it doesn't matter if
any user or only administrator can change system time, but if kids have to
use the same machine than it matters. This is clearly bug as it doesn't cover
pretty common use case.
--
Regards, Rajko
http://en.opensuse.org/Portal needs helpful hands.
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
See also Bug 381420 and Bug 371811 for reference. I think we can't
protect a user ( especially a beginner ) from jeopardizing his
installation, but we should surely make him aware of the consequences
instead of removing security measures by default.
https://bugzilla.novell.com/show_bug.cgi?id=381420
This is the same discussion as this one.
Without idea how most of the users respond to system request for more
passwords discussion leads nowhere. Even hundred ridiculous passwords are not
safer than one good, and taking that most of the people tend to easy
solutions, asking for one password may produce more good passwords than
asking for 2.
Besides what prevents users to use the same password for both, with more
hassle to fill extra fields. System can't refuse password because it is
already in use; that would be security hole.
It would be better to discuss how to force certain password properties in an
easy way. For instance by giving option to use one of few random proposals.
https://bugzilla.novell.com/show_bug.cgi?id=371811
This not the same topic.
In case where machine is used by single physical user, it doesn't matter if
any user or only administrator can change system time, but if kids have to
use the same machine than it matters. This is clearly bug as it doesn't cover
pretty common use case.
--
Regards, Rajko
http://en.opensuse.org/Portal needs helpful hands.
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
| < Previous | Next > |