Re: create password in postinst
On Sun, Feb 05, 2006 at 11:26:08AM -0500, Justin Pryzby wrote:
> On Sun, Feb 05, 2006 at 10:58:00AM -0500, Anthony DeRobertis wrote:
> > No, that's not ok. First off, any "funny" characters in the password
> > will cause errors. Second, and probably more important, any user running
> > 'ps' will be able to read the plain-text password.
> Does this work?
> mkpasswdd -H md5 -S 35348090 -s <<EOF
Note that some (all?) sh shells implement here documents using
a temporary file, so if you use them without setting umask, the
password will be exposed - at least for a short time.
do cat <<EOF
do grep SECRET /tmp/*