On Thursday, 05 August 2010 at 20:17 +0200, Frans Pop wrote:
> (No need to CC on replies: I read the list.)
>
> On Thursday 05 August 2010, Thibaut Girka wrote:
> > If you're talking about user-setup, they are cleared, that's the first
> > thing I've checked (better done than checking network-console, it seems)
> > before sending this mail.
>
> With user-setup the passwords are asked by a different (much earlier [1])
> script than the one that creates the accounts and sets the passwords. So
> they *must* be in the debconf database for at least the time in between.
>
> The fact that they are cleared afterwards - only at the very, very end of
> the installation: just before the reboot - seems to me like a mostly empty
> gesture. At least for the attack vector you were concerned about.

You're right, I was expecting it to do that at the end of the base-install step, but here too, it would be readable for quite a long time.