Re: set password for live user

To: debian-live@lists.debian.org
Subject: Re: set password for live user
From: Tzafrir Cohen <tzafrir.cohen@xorcom.com>
Date: Tue, 14 Jul 2009 20:14:50 +0300
Message-id: <20090714171450.GM18311@xorcom.com>
In-reply-to: <20090714163728.GL18311@xorcom.com>
References: <20090714163728.GL18311@xorcom.com>

On Tue, Jul 14, 2009 at 07:37:28PM +0300, Tzafrir Cohen wrote:

> Rationale: my live CD exposes an ssh server by default, which is a basic
> requirement. I would thus like to allow the user to give some minimal
> security from remote attackers who happen to read the documentation that
> includes the default password.

Hiding it from remote attackers is indeed a noble cause. Sadly it was
poorly implemented:

  http://updates.xorcom.com/iso/live-2.0.0-beta_config/config/chroot_local-includes/etc/apache2/conf.d/live_media.conf

Fixed with an expliict alias of live.cfg to /dev/null .

-- 
               Tzafrir Cohen
icq#16849755              jabber:tzafrir.cohen@xorcom.com
+972-50-7952406           mailto:tzafrir.cohen@xorcom.com
http://www.xorcom.com  iax:guest@local.xorcom.com/tzafrir

Reply to:

References:
- set password for live user
  - From: Tzafrir Cohen <tzafrir.cohen@xorcom.com>

Prev by Date: set password for live user
Next by Date: Re: set password for live user
Previous by thread: set password for live user
Next by thread: Re: set password for live user
Index(es):
- Date
- Thread