1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-dev] Handling single user/rescue/failsafe mode
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Handling%20single%20user/rescue/failsafe%20mode&In-Reply-To=%3CCA%2Bh4nj4EbkZg3%2Bv8QEu9ncy5NTenr1CspgkjSOFa1b7syj6odw%40mail.gmail.com%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="014885.html">
<LINK REL="Next" HREF="014887.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-dev] Handling single user/rescue/failsafe mode</H1>
<B>Wolfgang Bornath</B>
<A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Handling%20single%20user/rescue/failsafe%20mode&In-Reply-To=%3CCA%2Bh4nj4EbkZg3%2Bv8QEu9ncy5NTenr1CspgkjSOFa1b7syj6odw%40mail.gmail.com%3E"
TITLE="[Mageia-dev] Handling single user/rescue/failsafe mode">molch.b at googlemail.com
</A><BR>
<I>Thu Apr 26 16:26:47 CEST 2012</I>
<P><UL>
<LI>Previous message: <A HREF="014885.html">[Mageia-dev] Handling single user/rescue/failsafe mode
</A></li>
<LI>Next message: <A HREF="014887.html">[Mageia-dev] Handling single user/rescue/failsafe mode
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#14886">[ date ]</a>
<a href="thread.html#14886">[ thread ]</a>
<a href="subject.html#14886">[ subject ]</a>
<a href="author.html#14886">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>2012/4/26 Guillaume Rousse <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">guillomovitch at gmail.com</A>>:
><i> Le 26/04/2012 15:21, Wolfgang Bornath a écrit :
</I>>><i>
</I>>><i> 2012/4/26 Guillaume Rousse<<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">guillomovitch at gmail.com</A>>:
</I>>>><i>
</I>>>><i> Le 26/04/2012 14:22, Wolfgang Bornath a écrit :
</I>>>>><i>
</I>>>>><i>
</I>>>>><i> What is the advantage to leave the barn door open? To make it easier
</I>>>>><i> on those who can not remember their root password? Having to find out
</I>>>>><i> how to overcome that small bar will not hurt them but teach them a
</I>>>>><i> lesson.
</I>>>><i>
</I>>>><i>
</I>>>><i> Having to type a password with a misconfigured keyboard is a pain.
</I>>>><i> Really.
</I>>><i>
</I>>><i>
</I>>><i> Yes, that is surely a reasons to put away with all passwords because
</I>>><i> they are all hard to type with a misconfigured keyboard.
</I>><i>
</I>><i> Your comparaison is unfair. Your usually boot in runlevel 1 exceptionnaly,
</I>><i> because your machine is in bad shape, in order to repair it. And as it is
</I>><i> not the usual operating runlevel, you can't usually ensure than than
</I>><i> boot-time configuration is applied correctly.
</I>
How it is unfair?
The question is NOT what people usually do but what people CAN do. If
you go out for lunch, do you leave your desk drawere open for
everybody passing by? No? So why do you do that to your computer?
>><i> I don't understand that it is not regarded as a contradiction to
</I>>><i> recommend setting a root password at installation and at the same time
</I>>><i> leaving the door wide open by default for reasons of convenience.
</I>><i>
</I>><i> Because usually people interested in security usually consider threat
</I>><i> classes before considering effective countermeasures. And securing physical
</I>><i> access is usually considered worthless.
</I>
Ah, I see. Interesting point of view.
A computer in an environment of people IS a thread class. A bunch of
adolescent kids IS a threat class.
If your threat classes only include serious criminality (like taking
away the computer) then your threat classes miss reality.
But anyhow, you seem to have never experienced coming back home to
find your root password changed by your well meaning kid (which is one
of the not so serious REAL cases).
><i> Now, that's just a default setting, this is perfectly subjective, and we may argue for hours about the right thing to do... .
</I>
No, it is not a subjective setting. Because this default setting is
not caused by technical reasons nor is it set because of somebody's
individual opinion. It is set simply for convenience reasons. We (at
Mandrivauser de and other places) have been constantly recommending in
the forums to change this setting and most of the users who are
interested in security do it because they understand the reasoning
behind it.
But what do I know. This was the last time I argue about such things
here. Do what YOU think is right.
--
wobo
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="014885.html">[Mageia-dev] Handling single user/rescue/failsafe mode
</A></li>
<LI>Next message: <A HREF="014887.html">[Mageia-dev] Handling single user/rescue/failsafe mode
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#14886">[ date ]</a>
<a href="thread.html#14886">[ thread ]</a>
<a href="subject.html#14886">[ subject ]</a>
<a href="author.html#14886">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
mailing list</a><br>
</body></html>
|