Comment 19 for bug 393854
Revision history for this message
| Milan Bouchet-Valat (nalimilan) wrote | #19 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
The rationale behind this feature vs. the standard nullok_secure way is that *you actually have a password*. This means users can be admins, type their password to use sudo, PolicyKit or lock their screen, but they are not asked to type it on login. They can additionally connect over local SSH for example.
There are many use cases for this - if you consider how people are used to configure their Windows home computers for example: as long as you're not the only user on the box (-> GDM autoconnect), you are forced to type your password. So if you want to avoid that without losing all security, and that you want to be an admin (quite common), you need this feature.
users-admin has never allowed people to use an empty password because of security considerations. I've already closed several feature requests like that. Are you suggesting we should make it easy to use empty passwords ("Use no password' " button)? I'd find it quite bad, but OTOH we need an easy way for people to skip this step if they don't want to type a password.
The current situation can be counter-productive: friends of mine are using silly passwords such as "xxxx" because they don't care. If we weren't forcing them to type passwords on login, I would happily force users to choose a strong password in users-admin, which would improve security.
So all in all, I see more use cases for this method than for the traditional nullok_secure option. Dropping the latter wouldn't hurt IMHO if we can provide a better approach.