[LEDE-DEV] [PATCH] utils/busybox: prevent weak root passwords

David Lang david at lang.hm
Fri Feb 17 03:44:59 PST 2017 

On Fri, 17 Feb 2017, Dan Lüdtke wrote:

> Hi David,
>
> thanks for the fast response!
>
>> On 17 Feb 2017, at 11:54, David Lang <david at lang.hm> wrote:
>> But deciding that you know better than the admin of the system is not.
>
> Not that I am a fan of telling admins what to do, but do you see any chance 
> that we can get an consistent and enforceable approach to *minimum* 
> requirements, e.g. minimum password length? Maybe by using a configuration 
> variable? Havon only the GUI enforce minimum password length and not the CLI 
> is rather inconsistent (some may say useless or even confusing).

some would say useless, others would say extremely useful. Making a LEDE-only 
way of doing this will be far more confusing to those of us who use many 
systems.

>> you don't have any idea what the security environment is for the system, or 
>> why the admin is selecting that password.
>>
>> It's not just a busybox thing to allow the root user to select a password 
>> that is shorter than 'recommended', that's normal behavior on *nix systems 
>> and has been for decades, even as the 'recommendations' have changed.
>
> I rather see this as a "LEDE" system not a standard *nix system, even though 
> it is based on Linux and runs a Linux kernel. The question is, is this a more 
> a "product" or just another Linux system?

LEDE is a Linux Distro that is optimized for "embedded" systems (Linux Embedded 
Development Environment is what LEDE stands for IIRC)

There are a lot of proprietary systems out there for low resource systems, one 
of the big strengths of OpenWRT and LEDE is that it IS a Linux system, which 
means that Linux tools work, and software that was origionally developed for 
much larger systems is available.

If you had asked people when OpenWRT started if it would ever be possible to run 
a phone system on a router, they would have laughted at you, the router would 
obviously be far too limited to do something like that (both in CPU and memory), 
but as more powerful routers became available, the Linux compatibility meant 
that Asterisk could be compiled for this CPU and "just work", no significant 
development effort needed.

We are now near, or at the point where Java based tools can be run on these 
devices, which will open up another world of software and tools.

So I believe that it really is important to recognize the LEDE is "just another 
Linux system" and to try and avoid breaking compatibility with such systems.

> "has been for decades" is not a good argument. The others are. But that one is just not.

Breaking long-established ways of doing things has a cost. Adding a newer (and 
in your opinion, better) way of doing something is just fine, but every time you 
make it so that an existing way of doing something breaks, you aggrevate admins 
of systems, and reduce the value of all the documentation (in print and on the 
web). Sometimes there is a good enough reason to break something, but it should 
always be done reluctantly.

David Lang

More information about the Lede-dev mailing list