Request for Bug Review

Ryan.Oliver at pha.com.au Ryan.Oliver at pha.com.au
Thu Sep 25 02:20:44 PDT 2003





Greg Schafer wrote:
> On Thu, Sep 25, 2003 at 08:33:07AM +0200, Ulrich Fahrenberg wrote:
> > Greg, you are right in principle, but not in this particular case.
> > Fixing the shadow instructions can be done in a snap and would be a
Good
> > Thing, IMHO.
>
> That is debateable. We just got rid of the nobody user for reasons
relating
> to not interfering with "local security policy". This is a similar thing.
>

Bulldust, the shell used for a "nobody" user (or even the nobody users
existence) is a hell of a different issue to the setup of the default
authentication mechanism.

Of course those who know will use MD5 as a matter of course, but we
are pushing Mr Joe Public who may not understand the issue towards an
inferior solution by default.

/me votes for MD5 strenuously

Regards
Ryan




More information about the lfs-dev mailing list