Heads up - Anaconda 22.17 will enforce 'good' passwords

Adam Williamson adamwill at fedoraproject.org
Fri Jan 30 02:23:38 UTC 2015 

On Thu, 2015-01-29 at 19:55 -0600, Chris Adams wrote:
> Once upon a time, Adam Williamson <adamwill at fedoraproject.org> said:
> > It's not actually something that is part of the Change's scope, 
> > but an alternative way to try and achieve the same goal: the 
> > overall thought process was "well, what the Change proposer really 
> > wants is to reduce the likelihood of compromise via password 
> > access to the root account,
> 
> So, why didn't this change have to go through a proposal?  The 
> original change was rejected (which should show there is 
> disagreement about this), so such a change should not just be pushed 
> without open discussion.

There's no policy (AFAIK) on what is and is not a Change. FESCo has 
the power to effectively declare something to be a Change (and thus 
subject to review and so forth) if it decides to do so, but there's 
nothing beyond that. And as I said to otherChris, 'without open 
discussion' is just plainly false. There's a ton of 'open discussion', 
spread across three mailing lists.

> If there is disagreement about this change, is there no recourse?  
> Or do anaconda devs get to determine system policy now on their own?

Eh, that seems like a pointlessly loaded question. I mean, in a sense, 
sure, they always have. They *write the installer*. That's always 
going to involve some degree of 'determining system policy', if you 
interpret that phrase broadly enough. What do you want, every anaconda 
commit to go through a committee review phase?

And 'recourse' seems like such a weird word that, again, I don't 
really know how to reply to it. You can discuss the decision, in a 
respectful fashion, here or on devel@ or on anaconda-devel-list at . You 
can take it up with FESCo. You could also, of course, wait more than 
one lousy day to give the devs a chance to reply before whipping up a 
storm of righteous indignation, but so often that seems too much to 
ask? 


-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net

More information about the test mailing list