[Pkg-shadow-devel] Bug#304350: Always ask for root passowrd twice, even on critical priority installs?

Stephen Frost Stephen Frost <sfrost@snowman.net>, 304350@bugs.debian.org
Sun, 12 Jun 2005 08:00:54 -0400 

--U9gZlwNsVK2IUNAV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* Christian Perrier (bubulle@debian.org) wrote:
>        critical
>               Questions that you really, really need to see (or else).
>=20
> Strictly speaking, the first password question pertains to the
> "critical" priority, because it does not have any reasonable default.

Well, actually, not so much.  If you really would like to be picky about
it, have the root password default to 'debian'.  In a reasonably secure
environment this is fine (and allows for someone to run around and
install a bunch of machines quickly and then have a script which changes
the password after the machine has rebooted w/ ssh running, etc).

> The confirmation question has a reasonable default or, to say this
> another way, is not strictyly necessary to be able to continue and not
> break anything.

About this I would disagree, and would agree w/ Manoj's argument.  When
you don't show the password back to the user then you *don't* have a
reasonable default because it's not at all clear that what the user
typed in is what the user *intended* to type in.  Your 'reasonable
default' argument only holds if you assume the user is perfect, and
that's generally not a good thing to assume. :)

> (and not in -devel, at least for the first round)

Now that's kind of bizarre.  You're planning to go to -devel *after*
having gone to the technical committee?  I guess you're not actually
expecting the technical committee to make a ruling on it, or you're just
going to ignore it if it's one you don't like?

	Thanks,

		Stephen

--U9gZlwNsVK2IUNAV
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCrCP2rzgMPqB3kigRApg0AJ4x5/y8Jry7lXiCDmflpFR8lfDJ8wCcDPaU
kUCJA18DzOhzm2EbKtK3lX0=
=qIcu
-----END PGP SIGNATURE-----

--U9gZlwNsVK2IUNAV--