[gobolinux-devel] [GoboLinux 014-release candidate 0000221]: Installer disallowing empty SuperUser password
Isaac Dupree
isaacdupree at charter.net
Thu Dec 13 13:14:19 NZDT 2007
Jonas Karlsson wrote:
> On Tue, 11 Dec 2007 19:46:33 +0100, <bugs at gobolinux.org> wrote:
>
>> The following issue has been SUBMITTED.
>> ======================================================================
>> http://bugs.gobolinux.org/view.php?id=221
>> Summary: Installer disallowing empty SuperUser password
>> Description:
>> Right now you can not set "empty" passwords.
>>
>> The problem is that the installer decides this for you, not you as user.
>> (Admittedly this is a super-trivial thing but at least a dev can explain
>> why it should be this or that way. I explain my point of view on it soon.)
>>
>> I propose the:
>> "may not set empty passwords"
>> during Installer be changed to a warning instead like this:
>> "Warning - it is not recommended to have an empty password for the
>> superuser account. If you insist to have this though, just continue."
>>
>> or similar in wording.
>
> I'm not sure about what others think of this, but I agree that allowing an
> empty superuser password can be a valid option in some cases. I've attached
> my proposal for a solution for this issue. It locks the superuser account,
> like how it's done in ubuntu, if no password is given. It also notices the
> user about this and warns
While that may make sense, it doesn't allow you to choose an empty
superuser password upon installation. Instead, it interprets "empty" as
"no login password at all", whether the user wants this or not. I just
don't see how
"allowing an empty superuser password can be a valid option in some
cases" is solved by your "proposal for a solution for this issue". Or
is your only problem that it gives an error when empty password is
given, not zero-length-password having a semantics consistent with other
passwords? I'm a little confused.
although, unix sometimes has trouble with zero-length passwords; and
there is the password "locking" that we may like to give an interface
to; so maybe it makes sense to disallow zero-length and to use the same
field to trigger "locking"?
Isaac
More information about the gobolinux-devel
mailing list