Re: set password for live user
On Tue, Jul 14, 2009 at 07:37:28PM +0300, Tzafrir Cohen wrote:
> Rationale: my live CD exposes an ssh server by default, which is a basic
> requirement. I would thus like to allow the user to give some minimal
> security from remote attackers who happen to read the documentation that
> includes the default password.
Hiding it from remote attackers is indeed a noble cause. Sadly it was
poorly implemented:
http://updates.xorcom.com/iso/live-2.0.0-beta_config/config/chroot_local-includes/etc/apache2/conf.d/live_media.conf
Fixed with an expliict alias of live.cfg to /dev/null .
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.cohen@xorcom.com
+972-50-7952406 mailto:tzafrir.cohen@xorcom.com
http://www.xorcom.com iax:guest@local.xorcom.com/tzafrir
Reply to: