[CentOS] Another Fedora decision

Always Learning centos at u64.u22.net
Mon Feb 2 23:31:35 UTC 2015


On Mon, 2015-02-02 at 15:17 -0700, Warren Young wrote:


> The answer is clear to me: general security principles.  By the time EL8 comes out, we’ll have had ~3 years of warnings under EL7 that weak passwords would not be tolerated, and they’re finally disallowing them.  Good!
> 
> (More like 6 years, actually, because EL6 gives a red warning bar for weak passwords.)
> 
> Let’s flip it around: what’s your justification *for* weak passwords?


Wrong point. Wrong focus. Ultimately it is for the deployer (and the
user if Root) to determine.  To suggest otherwise is pure arrogance.

M$ users do not own their machines. M$ does. M$ determines what they can
do and what data M$ secretly collects on them, stores on the machine and
prevents the user viewing. Seems like another move towards emulating M$.

If testing then a one character password is very acceptable to me. Why
should some arrogant nutter impose an arduous ultra secure password when
a simple one character password will suffice ?  Who knows the machine,
the deploying environment and the circumstances better ?  The user or
some anonymous and arrogant nutter perhaps many thousands of miles (or
kilometers) away ?

Remember machines should be working for the convenience of Humanity -
not for the convenience of anonymous nutters who know absolutely nothing
about the user's work situation !   Generally having strong passwords is
good however generalised circumstances should never be forced down the
throats of loyal users. An English (as in England, Europe) saying is:-

	Rules were made for the guidance of wise men,
	but for the obedience of fools !

If everyone is willing to donate USD 1, then perhaps we could lend him
to M$ where security is so lax he could do some enormous good.

No need to waffle Warren. You've lost this one :-)

-- 
Regards,

Paul.
England, EU.      Je suis Charlie.





More information about the CentOS mailing list