Re: Bug#294783: passwd: root-password-again and user-password-again should be "critical"
El vie, 11-02-2005 a las 21:52 +0100, Christian Perrier escribió:
> tags 294783 wontfix
> thanks
>
> Quoting Carlos Parra Camargo (carlospc@gmail.com):
> > Package: passwd
> > Version: 1:4.0.3-30.9
> > Severity: wishlist
> >
> > user-password-again and root-password-again are "high" priority. The
> > should be "critical" priority, it's very dangerous ask just one time the
> > password.
> >
> > debian/passwd.config: db_input high passwd/user-password-again
> > ^^^^
> > debian/passwd.config: db_input high passwd/root-password-again
> > ^^^^
>
>
> Using the critical priority during installs means you are ready to
> minimize the user interaction as much as possible. For that reason,
> the password confirmation dialog was set to high because this
> information is, strictly speaking, not absolutely necessary for the
> package to be operational.
>
> See debconf-devel(7)...
>
> INPUT priority question
> critical
> Items that will probably break the system without user intervention.
>
> The lack of the shadow/root-password-again entry will not break the
> system. Only the user mistake will.
>
>
> There is no real danger in a root password entry mistake during the
> system setup as you're very likely to notice the mistake immediately at
> the end of the install and then fix this through the usual methods in
> such cases.
>
> So, I don't really see a need for this change to occur and certainly
> not before sarge release.
In my opinion, ask again the password is required.
Imagine a password like "a7s9fu29puo121", it is very dangerous
introduce just one time! Really, it doesn't matter the "complexity" of
the password, it could mean an extra effort to recover the well
operation of the system.
debconf-devel(7)...
INPUT priority question
critical
Items that will probably break the system without user intervention.
^^^^^^^^
If the matter is "probability", it could be great discuss this.
Reply to: