[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Re :- Re: Install Report II (The Revenge; bf 3.0.7 (beta); Acer Laptop; floppy/basedebs)



Anthony Towns <aj@azure.humbug.org.au> writes:

> It's a security thing: saving one user from accidently setting up root/etc
> without a password is well worth forcing someone who needs passwordless
> accounts to set it up twice.

I certainly agree that we should bend over backwards to help the
(presumably) more usual case in which a user might make such a bad
error.

> Joey might be changing it to a [y/N] prompt anyway though.

That would be perfectly fine by me.  Or, alternatively, some form of
"dire warning" explaining that unless the installer really does have a
particular special reason for this case, they should have a password.
Maybe force them to type "yes, I really do want a passwordless
account" or something.  :)

I fully agree that our first priority should be to get passwords set
on the accounts for all normal cases, but we shouldn't go out of our
way to force users to have security when there is no particular reason
for it.  



Reply to: