On 14 March 2014 13:45, Matthew Garrett <mj...@srcf.ucam.org> wrote: > On Fri, Mar 14, 2014 at 03:41:30PM -0400, Eric H. Christensen wrote: > > On Fri, Mar 14, 2014 at 07:31:55PM +0000, Matthew Garrett wrote: > > > How does the average user make an informed decision about whether an > > > available security policy is appropriate for them? > > > > I guess we'll have to describe the different policies and provide > > approprate documentation/education. You know, pretty much how we get > > users to understand whether or not they should encrypt their hard > > drives or assign the first user as an administrator or anything else > > they do with their computer. > > The failure mode of making the wrong choice regarding an encrypted > partition or the default user being an administrator involves the system > *continuing to work*. The failure mode of making the wrong choice > regarding security policy is that things you expect to work mysteriously > don't. >
Actually the failure mode of the wrong choice on the encrypted partition is usually the system is now a brick because the person has forgotten the password, mistyped the password, made the password different etc. It is no different from the mass of people who forget their user password or root password except the system is completely unusable and can't be recovered. [I say this because it is the most common one I have had to deal with encrypted laptops in the field.] I am not saying that putting a choice for security options in the anaconda is a good idea myself. It is just yet another brick my box option we have and I would only want to see it in a "Show me options which are dangerous" mode. I am saying that we have a lot of shoot myself in the foot options already and Encrypted Partition is higher on the list than people know. -- Stephen J Smoogen.
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
