[Fedora-livecd-list] A French Fedora LiveCD.
Rahul Sundaram
sundaram at fedoraproject.org
Thu Mar 9 07:04:29 UTC 2006
Jeremy Katz wrote:
>On Wed, 2006-03-08 at 23:26 +0530, Rahul Sundaram wrote:
>
>
>>Jeremy Katz wrote:
>>
>>
>>>On Wed, 2006-03-08 at 08:29 -0500, J. Hartline wrote:
>>>
>>>
>>>>Provide fedora and root usernames with blank passwords. Security is not
>>>>a concern for a Live CD
>>>>
>>>>
>>>No! Security is very much a concern here. We need to make sure we
>>>don't start a spread of worms from our live CD.
>>>
>>>
>>>
>>Auto login to a non administrative user called Fedora. How is that bad
>>for security?
>>
>>
>
>If you have ways to log in remotely, then it could allow for people to
>log in and start running, eg, eggbots or any of a number of other things
>if there's a blank password.
>
>So it's not necessarily that auto-login to a non-administrative account
>is bad (it probably does make sense). But just that thinking "oh,
>security isn't a concern for a live cd" is not wise.
>
>
In this particular specific scenario, it isnt much of a concern. Please
put things into context.
--
Rahul
More information about the Fedora-livecd-list
mailing list