[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFC: common database policy/infrastracture

On Thu, 16 Dec 2004 08:27:20 +0100 (CET), Andreas Tille <tillea@rki.de> wrote:
> On Wed, 15 Dec 2004, sean finney wrote:
> Yes, but I do not want to store the password *anywhere* - it could even
> be removed from debconf database because it makes no sense to store it
> in case the local maintainer changes the database password the value
> is absolutely useless in any config file or debconf database.  Moreover
> it is even a security risk to store a password in an additional place.

If it's only readable by root, how much of a risk is it really?

Reply to: