[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [PATCH] live-initramfs: Assign user password from boot paremeter

On Tuesday 02 June 2009, 16:23:18, Daniel Baumann wrote:

> > I have sent this before, but the patch file I sent was not good, so I
> > think it's why not being accepted.

> In general, I'm not a fan of adding such a feature. Exposing passwords
> and also their hashes to visible to any user (which a boot parameter is,
> through /proc/cmdline), is not a good thing. It's better to statically
> configure user accounts directly by calling e.g. adduser through a hook
> at build time.

Since what it's proposed expose the password in crypted way, it seems a better 
approach of what we got since today.

Maybe another approach could be launching an interactive script during boot 
(enabled with a boot parameter obviously and  before starting real /sbin/init) 
which could ask the password and setup the user(s) password(s). 

In this case the level of security is not better, just different (think about 
keyloggers :-))

-- 
ESC:wq

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Reply to: