Package: live-installer Version: live-installer/53 Severity: important Dear Maintainer,
Download the ISO: (Any Live Image will work) https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/debian- live-9.0.1-amd64-gnome.iso Step 1: Burn the ISO to a DVD or Mount it in Gnome Boxes Step 2: Start completing the install and stop on the user/root screen (where you enter in a password). Step 3: Set the root password to "debian" and hit next. - You will notice that the installer does not check for complexity in any password given. Is ROOT not supposed to be secured? Set the user password to "debian" and hit next. - You will notice that the installer does not check for complexity in any password given. Is the User not supposed to be secured? Expected Outcome: A. It would also help if during the install it could check for normal complexity (Uppercase, Lowercase, and Symbol) on both the User and Root passwords. B. It would help if during the install their could be a choice for enabling sudo for the User now that I see sudo is installed by default. - To extend it would help if on servers the local user is able to ssh in along with root (being an option). Feedback in Question in thinking about B: Root should only be used for emergency situations. Even giving the user sudo access I can see their may be a problem. I wish there was some intergration in the installer that would jail down what a user needs to do and make that more of a standard practice (ex. use jails) by default vs trying to use root or sudo. -- System Information: Debian Release: 9.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
