Hi David, thanks for the fast response!
> On 17 Feb 2017, at 11:54, David Lang <da...@lang.hm> wrote: > But deciding that you know better than the admin of the system is not. Not that I am a fan of telling admins what to do, but do you see any chance that we can get an consistent and enforceable approach to *minimum* requirements, e.g. minimum password length? Maybe by using a configuration variable? Havon only the GUI enforce minimum password length and not the CLI is rather inconsistent (some may say useless or even confusing). > > you don't have any idea what the security environment is for the system, or > why the admin is selecting that password. > > It's not just a busybox thing to allow the root user to select a password > that is shorter than 'recommended', that's normal behavior on *nix systems > and has been for decades, even as the 'recommendations' have changed. I rather see this as a "LEDE" system not a standard *nix system, even though it is based on Linux and runs a Linux kernel. The question is, is this a more a "product" or just another Linux system? "has been for decades" is not a good argument. The others are. But that one is just not. Cheers, Dan _______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
