1 |
On 12/21/2017 02:27 PM, Jeroen Roovers wrote: |
2 |
> On Thu, 21 Dec 2017 10:10:30 -0500 |
3 |
> Michael Orlitzky <mjo@g.o> wrote: |
4 |
> |
5 |
>> The "cracklib" USE flag ... this commit removes it from base/make.defaults. |
6 |
>> |
7 |
>> Closes: https://bugs.gentoo.org/635698 |
8 |
> |
9 |
> As there: |
10 |
>> ... |
11 |
> |
12 |
> Let me (easily) counter that by stating that having cracklib in place |
13 |
> makes people pick better passwords. Especially the brand new Linux |
14 |
> users we see so many of might benefit from a default mechanism that |
15 |
> helps them make better security choices, but I am sure even advanced |
16 |
> users and systems administrators might set a "temporary" POC password |
17 |
> "quickly" and then later see their systems go into production without a |
18 |
> second thought about using stronger passwords. |
19 |
> |
20 |
> Please close that bug report. |
21 |
|
22 |
I don't think that "some people want it enabled" is enough justification |
23 |
to keep this in the base profile that is the parent of all others. |
24 |
|
25 |
If you disagree, please make your voice heard on the bug. |