Bug 50528
Summary: | 5 char grub password not accepted | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Gerald Teschl <gt> |
Component: | anaconda | Assignee: | Jeremy Katz <katzj> |
Status: | CLOSED RAWHIDE | QA Contact: | Brock Organ <borgan> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.3 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2001-08-01 19:41:35 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Gerald Teschl
2001-07-31 21:51:14 UTC
*** Bug 50529 has been marked as a duplicate of this bug. *** Assigning to an engineer for consideration. BTW, my understand of LILO passwords is they are so weak they are pointless. Saying that we should allow shorter passwords for this is kind of like saying we should allow for shorter root passwords. Security and convenience are always a tradeoff and the convenience in having a short bootloader password is outweighed by having a more secure password IMHO. LILO passwords are not supported because all of the LILO variants (which share code) don't have password support and lilo's password support is not nearly as useful (and brings in a plethora of other questions about whether it's restricting the image, do you set restricted, etc) It is fine if you warn a user, but the user should be able to choose. (If we wanted an operating system which tells us what to do we wold all be using M$.) In particular since the user can choose not to install a password at all! With the current situation many people will just choose non at all if they cant use their easy to remember one. The boot password will not be used very often (in comparison to the root password). People will not be able to find it by watching you type it since you will hardly ever type it. But if you want to make it more secure I would start by removing the read permissions from grub.conf if a password is set!!!! Concerning lilo: Just add "restriced" as default! Why is the lilo password support not useful!? It prevents people from booting into single user mode and this is all I want!!! And a weak wall is better than non at all! Changed to only require it to be one character and just use a warning dialog for passwords less than six characters. As to the permissions, hrmm... I had that chmod in there at one point, not sure where it disappeared to, added back in cvs. LILO passwords for this release at least are not happening. Screens are frozen and help screens written so that they can be translated. Maybe for the next release, but I personally would like to move away from LILO. Thanks! I understand that its to late lof lilo now. |