gdm Create User
Douglas McClendon
dmc.fedora at filteredperception.org
Sun Oct 7 22:47:17 UTC 2007
Alan Cox wrote:
> On Sun, Oct 07, 2007 at 06:41:25PM +0200, Lubomir Kundrak wrote:
>> Would the system, where an user would have to know ten passwords and
>> five usernames be more secure than one, where account is protected just
>> with the password? If yes, why don't we do that now?
>
> I'm sort of scared anybody in a security team would even ask that question
> as is.
I assumed s/he was being facetious, and describing a system, not
compartmentalized with many independent components, but rather just
comically expanding the login process to require a serial entry of 5
usernames and 10 passwords.
And yes, I do know how to disable face login. It appears to be also
possible from the standard admin->login gui tool, by unchecking the
'include users from passwd' checkbox. If I implement the feature I
described, this is where I would put both it's disable-totally, and
dont-even-bother-asking-for-root-passwd options. (as well as the gdm
text config file of course).
-dmc
"For me, given my threat model and how much my time is worth, life is
too short for SELinux." --Ted Ts'o
More information about the fedora-devel-list
mailing list