Re: Security Changes For Fedora 9 | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
Tomas Hoger wrote:
On Sat, 5 Jan 2008 14:57:44 -0700 Kevin Fenzi <kevin@xxxxxxxxx> wrote:Well, as you say, you need to make sure we force the user to make a regular account first, currently thats not being done. You can do anew install and not create a user account.Problem is that you can not create unprivileged account in the installer, IIRC. You are asked whether you want to create normal user by firstboot, after system was rebooted. But that screen is usually not seen by users doing kickstart or vnc installation, as was pointed out by Tomas Mraz. So changing the default value to 'no' would mean that those users will have no way to log into newly installed systems (assuming those methods are frequently used for remote installs with no or limited physical access).
Please note that some installations, like ours, would not configure local accounts at all, whether during Kickstart or manual install. We use network accounts (LDAP), and we use ssh keys installed for root for administration. So please don't say things like "you need to make sure we force the user to make a regular account first", because that is not always the case. Perhaps in a small office/home installation these are good points, but not in larger installs with network authentication.
We have dozens and dozens of installs on a network used by researchers and we reinstall often and use network authentication, etc.
If you are going to consider this sort of thing, please make sure there is a switch somewhere so it doesn't break large site installations.
Thanks very much. -- David Pullman Systems Administrator Manufacturing Engineering Laboratory National Institute of Standards & Technology Mail Stop 8203 100 Bureau Drive Gaithersburg, MD 20899-8203 Tel: (301) 975-5385 Fax: (301) 926-3842 E-mail: david.pullman@xxxxxxxx -- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list
[Home] [Fedora Legacy List] [Fedora Maintainers] [Fedora Desktop] [Red Hat 9 Bible] [Fedora Bible] [Fedora SELinux] [Big List of Linux Books] [Yosemite News] [Yosemite Photos] [KDE Users] [Coolkey] [Fedora Tools]
