| 1 |
On 12/21/2017 02:27 PM, Jeroen Roovers wrote: |
| 2 |
> On Thu, 21 Dec 2017 10:10:30 -0500 |
| 3 |
> Michael Orlitzky <mjo@g.o> wrote: |
| 4 |
> |
| 5 |
>> The "cracklib" USE flag ... this commit removes it from base/make.defaults. |
| 6 |
>> |
| 7 |
>> Closes: https://bugs.gentoo.org/635698 |
| 8 |
> |
| 9 |
> As there: |
| 10 |
>> ... |
| 11 |
> |
| 12 |
> Let me (easily) counter that by stating that having cracklib in place |
| 13 |
> makes people pick better passwords. Especially the brand new Linux |
| 14 |
> users we see so many of might benefit from a default mechanism that |
| 15 |
> helps them make better security choices, but I am sure even advanced |
| 16 |
> users and systems administrators might set a "temporary" POC password |
| 17 |
> "quickly" and then later see their systems go into production without a |
| 18 |
> second thought about using stronger passwords. |
| 19 |
> |
| 20 |
> Please close that bug report. |
| 21 |
|
| 22 |
I don't think that "some people want it enabled" is enough justification |
| 23 |
to keep this in the base profile that is the parent of all others. |
| 24 |
|
| 25 |
If you disagree, please make your voice heard on the bug. |
Archives