Re: google account say it will no longer deliver email
On Fri 13 May 2022 at 14:02:40 (+0200), tomas@tuxteam.de wrote:
> On Fri, May 13, 2022 at 11:44:52AM -0000, Curt wrote:
> > On 2022-05-13, <tomas@tuxteam.de> <tomas@tuxteam.de> wrote:
> > >
> > >> > It's just the basic antipattern you can see everywhere in surveillance
> >
> > >> You seem to be seeing these antipatterns at the drop of any hat.
> > >
> > > Uh -- whatever you mean to say with that.
> >
> > I meant that you applied (or employed) the term quite recently in a
> > completely unrelated thread about openssh, and David Wright's
> > observation that logging in remotely as root can be problematic.
>
> Hm. It seems I was unclear. Trying to fix it (hopefully *not* making
> it worse):
>
> - I do agree that logging in as root remotely can be problematic
> (especially when root has a weak password). So I think it is
> a good thing for the admin to be able to disable that.
> - I think the software forcing the admin to do that would be an
> antipattern. OpenSSH *doesn't* force the admin to do that,
> so it *doesn't* follow that antipattern.
What I don't understand about that thread is why the shift in
focus to ssh, openssh, and logging in (or otherwise) as root.
I don't see any antipatterns there (they certainly haven't been
spelled out), but just choices made by the sysadmin, between
no root password, having a password but not usable for remote
logins, and so on. Choices helped along by our Debian developers.
Surely the serious antipatterns mentioned in that thread are:
. running setuid scripts, as the OP claimed was possible in the past,
. suggestion to run said scripts as root, without having seen them.
(One of the benefits of posting scripts here is that they get
criticised, usually constructively, and hence improved.)
Cheers,
David.
Reply to: