On Tue, 2019-11-26 at 00:34 +0100, Kevin Kofler wrote:
Samuel Sieb wrote:
> Steps 1 - 4 are not benefits, they are workarounds to critical system
> utilities required by this change. I don't understand why this change
> is necessary at all. It only affects local logins and if someone wants
> to have an empty password, why make it so difficult? It's their choice.
+1, I do not see the point of patronizing our users that way (and it is only
an extra hoop to jump through because they can still readd the nullok), and
find it particularly pointless to make all those error-prone changes to core
system utilities just to make that work.
> It's not like Fedora has any default logins with empty passwords, the
> user has to make their own.
That part is actually not entirely true: the live images have no password
set on the liveuser and root accounts. Hence, this change will also break
the live images, unless we add yet another hack to the scriptlets in the
live kickstarts, one that readds the nullok option. IMHO, we already have
too many hacks in the kickstart scriptlets.
I gotta say +1 too. I don't buy that there's a significant 'hardening'
benefit worth all the effort mentioned in the Change *plus* the
additional consequences Kevin and Martin pointed out. At minimum I'd
like to see a much more convincing case that people are creating users
without passwords without understanding what they're doing.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net