Re: itp: static bins / resolving static debian issues
On Sat, 21 Aug 1999, Marek Habersack wrote:
> > Here is what I suggest:
> > currently sash is priority optional. When installed, it asks you if you
> > want to change root's login shell to sash. Default is "no".
> >
> > Change this to:
> > set the priority of sash to standard or important. On install, ask if
> > you want to make this the default root shell. Default to "yes". Say
>
> No. It should be installed as a part of the standard installation process
> and used as the alternative sashroot account shell.
As long as it asks. If sash asks the question at installation, then a
sysadmin who hasn't heard of sash before is now hearing about it. If you
silently add a new user, the sysadmin might not notice about the new
account or the existence of sash, and surprises are generally bad.
You might even consider also asking "What should the sash user be called?"
if the user says [Y] to the first question, to give maximum flexibility to
the user. If I was installing a machine that sits on the Internet for
example, I would probably want to use a non-default username for this
non-root user just because it's one less piece of information that a black
hat can infer.
Reply to: