diff options
Diffstat (limited to 'zarb-ml/mageia-dev/2012-April/014886.html')
| -rw-r--r-- | zarb-ml/mageia-dev/2012-April/014886.html | 144 |
1 files changed, 144 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/2012-April/014886.html b/zarb-ml/mageia-dev/2012-April/014886.html new file mode 100644 index 000000000..696b5bb74 --- /dev/null +++ b/zarb-ml/mageia-dev/2012-April/014886.html @@ -0,0 +1,144 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-dev] Handling single user/rescue/failsafe mode + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Handling%20single%20user/rescue/failsafe%20mode&In-Reply-To=%3CCA%2Bh4nj4EbkZg3%2Bv8QEu9ncy5NTenr1CspgkjSOFa1b7syj6odw%40mail.gmail.com%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="014885.html"> + <LINK REL="Next" HREF="014887.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-dev] Handling single user/rescue/failsafe mode</H1> + <B>Wolfgang Bornath</B> + <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Handling%20single%20user/rescue/failsafe%20mode&In-Reply-To=%3CCA%2Bh4nj4EbkZg3%2Bv8QEu9ncy5NTenr1CspgkjSOFa1b7syj6odw%40mail.gmail.com%3E" + TITLE="[Mageia-dev] Handling single user/rescue/failsafe mode">molch.b at googlemail.com + </A><BR> + <I>Thu Apr 26 16:26:47 CEST 2012</I> + <P><UL> + <LI>Previous message: <A HREF="014885.html">[Mageia-dev] Handling single user/rescue/failsafe mode +</A></li> + <LI>Next message: <A HREF="014887.html">[Mageia-dev] Handling single user/rescue/failsafe mode +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#14886">[ date ]</a> + <a href="thread.html#14886">[ thread ]</a> + <a href="subject.html#14886">[ subject ]</a> + <a href="author.html#14886">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>2012/4/26 Guillaume Rousse <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">guillomovitch at gmail.com</A>>: +><i> Le 26/04/2012 15:21, Wolfgang Bornath a écrit : +</I>>><i> +</I>>><i> 2012/4/26 Guillaume Rousse<<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">guillomovitch at gmail.com</A>>: +</I>>>><i> +</I>>>><i> Le 26/04/2012 14:22, Wolfgang Bornath a écrit : +</I>>>>><i> +</I>>>>><i> +</I>>>>><i> What is the advantage to leave the barn door open? To make it easier +</I>>>>><i> on those who can not remember their root password? Having to find out +</I>>>>><i> how to overcome that small bar will not hurt them but teach them a +</I>>>>><i> lesson. +</I>>>><i> +</I>>>><i> +</I>>>><i> Having to type a password with a misconfigured keyboard is a pain. +</I>>>><i> Really. +</I>>><i> +</I>>><i> +</I>>><i> Yes, that is surely a reasons to put away with all passwords because +</I>>><i> they are all hard to type with a misconfigured keyboard. +</I>><i> +</I>><i> Your comparaison is unfair. Your usually boot in runlevel 1 exceptionnaly, +</I>><i> because your machine is in bad shape, in order to repair it. And as it is +</I>><i> not the usual operating runlevel, you can't usually ensure than than +</I>><i> boot-time configuration is applied correctly. +</I> +How it is unfair? +The question is NOT what people usually do but what people CAN do. If +you go out for lunch, do you leave your desk drawere open for +everybody passing by? No? So why do you do that to your computer? + +>><i> I don't understand that it is not regarded as a contradiction to +</I>>><i> recommend setting a root password at installation and at the same time +</I>>><i> leaving the door wide open by default for reasons of convenience. +</I>><i> +</I>><i> Because usually people interested in security usually consider threat +</I>><i> classes before considering effective countermeasures. And securing physical +</I>><i> access is usually considered worthless. +</I> +Ah, I see. Interesting point of view. + +A computer in an environment of people IS a thread class. A bunch of +adolescent kids IS a threat class. +If your threat classes only include serious criminality (like taking +away the computer) then your threat classes miss reality. +But anyhow, you seem to have never experienced coming back home to +find your root password changed by your well meaning kid (which is one +of the not so serious REAL cases). + +><i> Now, that's just a default setting, this is perfectly subjective, and we may argue for hours about the right thing to do... . +</I> +No, it is not a subjective setting. Because this default setting is +not caused by technical reasons nor is it set because of somebody's +individual opinion. It is set simply for convenience reasons. We (at +Mandrivauser de and other places) have been constantly recommending in +the forums to change this setting and most of the users who are +interested in security do it because they understand the reasoning +behind it. + +But what do I know. This was the last time I argue about such things +here. Do what YOU think is right. +-- +wobo +</PRE> + + + + + + + + + + + + + + + + + + + + + + + + + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="014885.html">[Mageia-dev] Handling single user/rescue/failsafe mode +</A></li> + <LI>Next message: <A HREF="014887.html">[Mageia-dev] Handling single user/rescue/failsafe mode +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#14886">[ date ]</a> + <a href="thread.html#14886">[ thread ]</a> + <a href="subject.html#14886">[ subject ]</a> + <a href="author.html#14886">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev +mailing list</a><br> +</body></html> |