There is always a balance to be found between security and convenience. For instance, complex passwords are more secure than simple ones, but less convenient to type. This week a discussion debating this balance has appeared in the Void project's issue tracker. The Void distribution, when installed from local live media, leaves a PolicyKit rule on the system which allows users in the wheel group to run commands as the root user without a password. Some see this passwordless access as a security concern while the development team sees it as a convenience feature that makes working with the live system easier for users. Others have suggested that the default behaviour is not necessarily bad, but should be documented to better allow administrators to choose the right settings for their situation. The complete conversation can be found on Void's GitHub page.
Star Labs - Laptops built for Linux.
View our range including the Star Lite, Star LabTop and more. Available with a choice of Ubuntu or Linux Mint pre-installed with many more distributions supported. Visit Star Labs for information, to buy and get support.