Bug#711251: root+KDC password in clear in /var/cache/debconf/
found 711251 1.455
thanks
I just did a main-server installation using
<URL: ftp.skolelinux.org::cd-squeeze-amd64-i386-netinst/debian-edu-amd64-i386-NETINST-1.iso >,
and looked for the root and first user password in /var/cache/debconf/
using
grep -rl password /var/cache/deconf/
and I am sad to report that the passwords showed in both templates.dat
and templates.dat-old.
The same is not the case with my home server, which is also a Debian Edu
Squeeze server. No idea what is different, but the problem seem to
exist in Squeeze too. :(
--
Happy hacking
Petter Reinholdtsen
Reply to: