[CentOS] Another Fedora decision
Always Learning
centos at u64.u22.net
Mon Feb 2 23:31:35 UTC 2015
On Mon, 2015-02-02 at 15:17 -0700, Warren Young wrote:
> The answer is clear to me: general security principles. By the time EL8 comes out, we’ll have had ~3 years of warnings under EL7 that weak passwords would not be tolerated, and they’re finally disallowing them. Good!
>
> (More like 6 years, actually, because EL6 gives a red warning bar for weak passwords.)
>
> Let’s flip it around: what’s your justification *for* weak passwords?
Wrong point. Wrong focus. Ultimately it is for the deployer (and the
user if Root) to determine. To suggest otherwise is pure arrogance.
M$ users do not own their machines. M$ does. M$ determines what they can
do and what data M$ secretly collects on them, stores on the machine and
prevents the user viewing. Seems like another move towards emulating M$.
If testing then a one character password is very acceptable to me. Why
should some arrogant nutter impose an arduous ultra secure password when
a simple one character password will suffice ? Who knows the machine,
the deploying environment and the circumstances better ? The user or
some anonymous and arrogant nutter perhaps many thousands of miles (or
kilometers) away ?
Remember machines should be working for the convenience of Humanity -
not for the convenience of anonymous nutters who know absolutely nothing
about the user's work situation ! Generally having strong passwords is
good however generalised circumstances should never be forced down the
throats of loyal users. An English (as in England, Europe) saying is:-
Rules were made for the guidance of wise men,
but for the obedience of fools !
If everyone is willing to donate USD 1, then perhaps we could lend him
to M$ where security is so lax he could do some enormous good.
No need to waffle Warren. You've lost this one :-)
--
Regards,
Paul.
England, EU. Je suis Charlie.
More information about the CentOS
mailing list