Local users get to play root?

Chris Adams cmadams at hiwaay.net
Thu Nov 19 14:32:12 UTC 2009


Once upon a time, Richard Hughes <hughsient at gmail.com> said:
> 2009/11/19 Chris Adams <cmadams at hiwaay.net>:
> > You keep saying that, but you are wrong.  Otherwise, why do we even
> > bother with passwords (and checking password strength)?
> 
> Authentication and authorisation are not the same problem at all. It's
> probably worth reading the PolicyKit design documents.

I understand the difference between authentication and authorization.
That still doesn't explain your assertion that requiring a restricted
password is somehow less secure than not requiring a password at all.

-- 
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.




More information about the fedora-devel-list mailing list