On Thu, Nov 13, 2003 at 11:16:59PM -0500, Sam Hartman wrote: > >>>>> "Matt" == Matt Zimmerman <[EMAIL PROTECTED]> writes: > > Matt> I think a single "Will you be using NIS?" question would be > Matt> justified; this could provide defaults for md5 vs. crypt > Matt> passwords and setuid-ness of unix_chkpwd, and so those > Matt> questions could be suppressed by default. > > I disagree. Debian is sufficiently hard to install that developers of > security software I've asked to install it have been frustrated to the > point of not using it by the number of questions. I believe adding > questions about NIS would be inappropriate.
The method I described, if implemented, would not change the number of questions asked in a default install. The NIS question would essentially replace the md5 question, which would remain at default unless the user asks to see every single question. > I'd rather see a solution where we have some nis support package that > makes unix_chkpwd setuid root when that support package is installed. This would be even better. -- - mdz