From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001 From: Nicolas Vigier Date: Sun, 14 Apr 2013 13:46:12 +0000 Subject: Add zarb MLs html archives --- zarb-ml/mageia-dev/2012-April/014886.html | 144 ++++++++++++++++++++++++++++++ 1 file changed, 144 insertions(+) create mode 100644 zarb-ml/mageia-dev/2012-April/014886.html (limited to 'zarb-ml/mageia-dev/2012-April/014886.html') diff --git a/zarb-ml/mageia-dev/2012-April/014886.html b/zarb-ml/mageia-dev/2012-April/014886.html new file mode 100644 index 000000000..696b5bb74 --- /dev/null +++ b/zarb-ml/mageia-dev/2012-April/014886.html @@ -0,0 +1,144 @@ + + + + [Mageia-dev] Handling single user/rescue/failsafe mode + + + + + + + + + +

[Mageia-dev] Handling single user/rescue/failsafe mode

+ Wolfgang Bornath + molch.b at googlemail.com +
+ Thu Apr 26 16:26:47 CEST 2012 +

+
+ +
2012/4/26 Guillaume Rousse <guillomovitch at gmail.com>:
+> Le 26/04/2012 15:21, Wolfgang Bornath a écrit :
+>>
+>> 2012/4/26 Guillaume Rousse<guillomovitch at gmail.com>:
+>>>
+>>> Le 26/04/2012 14:22, Wolfgang Bornath a écrit :
+>>>>
+>>>>
+>>>> What is the advantage to leave the barn door open? To make it easier
+>>>> on those who can not remember their root password? Having to find out
+>>>> how to overcome that small bar will not hurt them but teach them a
+>>>> lesson.
+>>>
+>>>
+>>> Having to type a password with a misconfigured keyboard is a pain.
+>>> Really.
+>>
+>>
+>> Yes, that is surely a reasons to put away with all passwords because
+>> they are all hard to type with a misconfigured keyboard.
+>
+> Your comparaison is unfair. Your usually boot in runlevel 1 exceptionnaly,
+> because your machine is in bad shape, in order to repair it. And as it is
+> not the usual operating runlevel, you can't usually ensure than than
+> boot-time configuration is applied correctly.
+
+How it is unfair?
+The question is NOT what people usually do but what people CAN do. If
+you go out for lunch, do you leave your desk drawere open for
+everybody passing by? No? So why do you do that to your computer?
+
+>> I don't understand that it is not regarded as a contradiction to
+>> recommend setting a root password at installation and at the same time
+>> leaving the door wide open by default for reasons of convenience.
+>
+> Because usually people interested in security usually consider threat
+> classes before considering effective countermeasures. And securing physical
+> access is usually considered worthless.
+
+Ah, I see. Interesting point of view.
+
+A computer in an environment of people IS a thread class. A bunch of
+adolescent kids IS a threat class.
+If your threat classes only include serious criminality (like taking
+away the computer) then your threat classes miss reality.
+But anyhow, you seem to have never experienced coming back home to
+find your root password changed by your well meaning kid (which is one
+of the not so serious REAL cases).
+
+> Now, that's just a default setting, this is perfectly subjective, and we may argue for hours about the right thing to do...  .
+
+No, it is not a subjective setting. Because this default setting is
+not caused by technical reasons nor is it set because of somebody's
+individual opinion. It is set simply for convenience reasons. We (at
+Mandrivauser de and other places) have been constantly recommending in
+the forums to change this setting and most of the users who are
+interested in security do it because they understand the reasoning
+behind it.
+
+But what do I know. This was the last time I argue about such things
+here. Do what YOU think is right.
+-- 
+wobo
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+

+ +
+More information about the Mageia-dev +mailing list
+ -- cgit v1.2.1