[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#294783: passwd: root-password-again and user-password-again should be "critical"

El dom, 13-02-2005 a las 08:06 +0100, Christian Perrier escribió:
> > In my opinion, ask again the password is required. 
> > 
> >   Imagine a password like "a7s9fu29puo121", it is very dangerous
> > introduce just one time! Really, it doesn't matter the "complexity" of
> > the password, it could mean an extra effort to recover the well
> > operation of the system.
> You're missing the point of the critical priority in debconf, imho.
> > 
> > debconf-devel(7)...
> > 
> > INPUT priority question
> >   critical
> >        Items that will probably break the system without user intervention.
> >                        ^^^^^^^^
> > If the matter is "probability", it could be great discuss this.
> Nope. The above is about the requested info missing which would be
> likely to break the system.
> Here, the password confirmation value missing will not break the
> system, will not prevent the package to configure. The installation
> will go on and the whole system will be usable.

Ok, the system wont break, but you wont be able to access it. So the
user will be in trouble.

> Again and again and again (and probably for the very last time), we
> are not talking about default installs here. The critical priority is
> meant for quick installs with absolutely minimal prompting, ie only
> questions chiwh are absolutely vital for the install to be completed
> are asked.

I'm agree, but ask twice it's an extra effort to the user that can
benefit a lot.

> All people who would like to change this are requested to bring the
> input from the technical commitee about this issue.
> At this very moment, I have heard from 3-4 people who would like to
> change this behaviour. It seems to me that not changing it is the
> opinion of several D-I contributors (from the IRC channel log). So,
> this is very balanced.....
> Anyway, this will not change for sarge. This is by far too late.

That's no problem :) i will be here (i hope) for the next release. 

Reply to: