Mailinglist Archive: opensuse (4654 mails)
| < Previous | Next > |
Re: [opensuse] [feature-request] passwordless users in Yast
- From: Anders Johansson <andjoh@xxxxxxxxxx>
- Date: Wed, 24 Jan 2007 22:06:51 +0100
- Message-id: <200701242206.51310.andjoh@xxxxxxxxxx>
On Wednesday 24 January 2007 21:52, Peter Bradley wrote:
> Ysgrifennodd Anders Johansson:
> > and if you run as root, this won't protect you at all
> >
> > If you run as root, you deserve everything you get. It's folly and
> > stupidity, and I certainly hope you're not suggesting this to any other
> > newbies you're showing linux to.
>
> In fairness, I don't think that was what this marginal troll was saying.
You're right, I misread. I thought he wanted to run without a user account,
but he only wants his user account to not have a password
If he doesn't allow logins at all on his system, that might not be a security
hole, so that's not so bad as running as root
But it shouldn't be the default, the default should be to force it. At
present, it doesn't force a strong password, you can have the password
"hello", and yast will produce warnings about it but it will let you do it. I
don't think this is a bad thing
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
> Ysgrifennodd Anders Johansson:
> > and if you run as root, this won't protect you at all
> >
> > If you run as root, you deserve everything you get. It's folly and
> > stupidity, and I certainly hope you're not suggesting this to any other
> > newbies you're showing linux to.
>
> In fairness, I don't think that was what this marginal troll was saying.
You're right, I misread. I thought he wanted to run without a user account,
but he only wants his user account to not have a password
If he doesn't allow logins at all on his system, that might not be a security
hole, so that's not so bad as running as root
But it shouldn't be the default, the default should be to force it. At
present, it doesn't force a strong password, you can have the password
"hello", and yast will produce warnings about it but it will let you do it. I
don't think this is a bad thing
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |