Default user decisions
On Mon, Apr 28, 2008 at 2:42 AM, Tzafrir Cohen <tzafrir.cohen at xorcom.com> wrote:
> I also expect a typical system to be up for a pretty short time, and
> hence the impact of a malicious take-over is significantly reduced.
Not necessarily. My laptop typically accumulates uptimes of a week or
so before I reboot or put a new image (or crash), and it's on public
wifi for much of that time. I'm glad this came up, since I hadn't
thought to disable passworded logins.
In any case, I think it's best to have a password required for the
user, but perhaps what the password is could be configurable? Also,
if I can throw in a related request, it'd be nice to be able to change
the uid so that it matches my other machines and NFS works nicely at