[Mageia-dev] Handling single user/rescue/failsafe mode
Guillaume Rousse
guillomovitch at gmail.com
Thu Apr 26 15:58:32 CEST 2012
Le 26/04/2012 15:21, Wolfgang Bornath a écrit :
> 2012/4/26 Guillaume Rousse<guillomovitch at gmail.com>:
>> Le 26/04/2012 14:22, Wolfgang Bornath a écrit :
>>>
>>> What is the advantage to leave the barn door open? To make it easier
>>> on those who can not remember their root password? Having to find out
>>> how to overcome that small bar will not hurt them but teach them a
>>> lesson.
>>
>> Having to type a password with a misconfigured keyboard is a pain. Really.
>
> Yes, that is surely a reasons to put away with all passwords because
> they are all hard to type with a misconfigured keyboard.
Your comparaison is unfair. Your usually boot in runlevel 1
exceptionnaly, because your machine is in bad shape, in order to repair
it. And as it is not the usual operating runlevel, you can't usually
ensure than than boot-time configuration is applied correctly.
> I don't understand that it is not regarded as a contradiction to
> recommend setting a root password at installation and at the same time
> leaving the door wide open by default for reasons of convenience.
Because usually people interested in security usually consider threat
classes before considering effective countermeasures. And securing
physical access is usually considered worthless.
Now, that's just a default setting, this is perfectly subjective, and we
may argue for hours about the right thing to do...
--
BOFH excuse #394:
Jupiter is aligned with Mars.
More information about the Mageia-dev
mailing list