[CentOS] Another Fedora decision

Mon Feb 2 22:30:07 UTC 2015
Valeri Galtsev <galtsev at kicp.uchicago.edu>

On Mon, February 2, 2015 4:17 pm, Warren Young wrote:
>> On Jan 31, 2015, at 8:04 AM, James B. Byrne <byrnejb at harte-lyne.ca>
>> wrote:
>>
>> 1. The password strength decision is driven by RH corporate.
>
> So who do you believe is driving RH corporate?  Why are they expending the
> effort to do this?
>
> The answer is clear to me: general security principles.  By the time EL8
> comes out, we’ll have had ~3 years of warnings under EL7 that weak
> passwords would not be tolerated, and they’re finally disallowing them.
> Good!
>
> (More like 6 years, actually, because EL6 gives a red warning bar for weak
> passwords.)
>
> Let’s flip it around: what’s your justification *for* weak passwords?
>
> We use them here temporarily during setup, but we lock the system down
> with a secure unique password before deployment.  Switching to something
> more secure really is not that burdensome.
>
>> 2. There is not going to be any back-off by the developers.
>
> Why would there be?  The trend in security is clear: keep up or get run
> over.
>
> The only question is how quickly forward we proceed, not which direction
> “forward” is.
>
> RHEL has been moving forward pretty darn slowly.  The current system in
> EL7 allows *appallingly* bad passwords.  Passwords that can be cracked in
> reasonable time scales even with SSH’s existing rate-limiting.
>
>> 4. There is absolutely no rational argument that can be made to anyone
>> alter any of this.
>
> That could be because there is no rational reason.
>
> Got one?  Lay it on me.  Please include a description of the threat model
> where a password like byrnej123 should be allowed, which *is* allowed in
> EL7, as long as root is setting it and says “Yes, I really am sure I
> want such a dreadfully easy to crack password.”
>
>> 5. Protesting there is evidently meaningless as well.
>
> While I’ve got the floor, I would like to encourage everyone to send
> mail to god at universe.org to protest tomorrow’s sunrise.
>
> Rationale: Melanoma is bad.
>
>> This change was not discussed
>
> Hmm, yes, let’s hold public committee hearings for every technical
> change.  The resulting bureaucratic mire will surely usher in the Year of
> Linux!
>
>> ( Odd, is it not, that Mr. Williamson professes that there is no
>> secret motive but cannot actually provide one when asked. )
>
> What secret motive *could* there be??  The current security policy is
> weak, and this change fixes that.  End of story.

It's hard to not endorse everything you are saying. As far as motive is
concerned, it is not that secret. Security. RedHat doesn't like poorly
administered machined with RHEL linux get hacked, then many voices saying
saying in the internet: RHEL Linux is not secure, RHEL Linux machines are
getting hacked. Even though the reason is not what it sounds like.

Valeri

++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++