On 2015-02-04, Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote: > > I'm neutral to sudo (even though I was taught "the smaller number of > SUID/SGID files you have, the better). Yet, I'm considering it less safe > to have regular user who can log in with GUI interface, and likely to be > doing regular user stuff to have almighty abilities. Yes, I know, I know > he has to prepend "sudo"... OK, this seems to be kind of question of taste > in the majority opinion. I think it's basically six of one, half-dozen of the other. Is a user any more or less likely to screw up his box if he has to log in as root or has to use sudo? I really don't know. OTOH, forcing sudo does have one advantage, in that every sudo command is logged. (If you do sudo su you lose that.) > Yes, Debian and its clones have full fledged root account, only with empty > password hash (thus making it account for which no password will match). > You can enable it by grabbing root shell using sudo, then using command > passwd to set password. voila. I believe that on recent OS Xs this method no longer works (it used to). As to the original topic (heh), isn't it a bit counterproductive to complain about changes in Fedora or RHEL on this list? Those distributions are separate entities with their own decision making processes. If you want to complain about Fedora, go to their list (which IIRC the OP pointed people to). If you want to complain about RHEL, buy a RedHat suport contract. It seems to me that the only legitimate complaints one could make about CentOS would be if they went out of their way to make CentOS different from RHEL in a very suboptimal way. Do you really have any justification for complaining if CentOS enforces the same password requirements on install as RHEL? --keith -- kkeller at wombat.san-francisco.ca.us