On Sun, Feb 11, 2024 at 10:10:13AM +0000, Sam James wrote: > I'm in favour, although I'd be curious as to why upstream shadow don't > just set it. It would be interesting to see if the discussion already > happened there at some point (surely it has?) and find out their > reasoning. (But that's not a blocker for proceeding.)
I believe it is for historical reasons. Computer networks and terminals used to be much friendlier places. > I want to hear more opinions first though. Thanks for raising this, > it's been in the back of my head. Even though I do not really care either way, what problem exactly are we trying to solve? Better security is just too vague an argument. I can see the argument if we were selling to business (*cough*red hat*cough*) but on the other hand, an argument can also be made for keeping to the roots of computer networks and their naivete (keep information free and all that stuff). In this regard, it is telling that only debian and gentoo keep 022. Consider taking it upstream as someone else (ulm?) already mentioned in the discussion. Thanks -- Eray