Re: [PATCH] live-initramfs: Assign user password from boot paremeter
Daniel Baumann wrote:
> Steven Shiau wrote:
>
>> Hi,
>>
>
> Hi,
>
>
Hi Daniel,
>> I have sent this before, but the patch file I sent was not good, so I
>> think it's why not being accepted.
>>
>
> i hoped someone else would comment before I do, however.. here are my
> thoughts.
>
> In general, I'm not a fan of adding such a feature. Exposing passwords
> and also their hashes to visible to any user (which a boot parameter is,
> through /proc/cmdline), is not a good thing. It's better to statically
> configure user accounts directly by calling e.g. adduser through a hook
> at build time.
>
>
Yes, I know this is not secure, that's true. However, this boot
parameter provides a way to allow people to change the default password.
Especially when you want to use such a live CD to do remotely rescue
(maybe from PXE booting), the machine is on-line, and it's all for you.
Therefore you do not care about anyone else seeing the /proc/cmdline.
> However, i understand that this is unflexible as it's a thing you do
> during build time and not during run (or boot) time.
>
Thanks for your understanding.
> This, and also the fact that the issue comes up now in the third year of
> debian-live for the third time, in different implementations though, I
> admit that there appears to be a demand for that. When I'm going to make
> initial plans for live-initramfs 2.x next week, I'll honor that and try
> to come up with any smart thing that would allow such a thing, I don't
> have any at hand right now.
>
Great! Look forward to seeing and trying live-initramfs 2.x.
>
>> and send it again. Hope you do not mind.
>>
>
> sure not. if you have anything else that has gone lost (or you think it
> has gone lost, or simply you didn't got any answer), please do never
> hesitate to resend/ask/whatever again.
>
>
Thanks again. :)
Regards,
Steven.
> Regards,
> Daniel
>
>
--
Steven Shiau <steven _at_ nchc org tw> <steven _at_ stevenshiau org>
National Center for High-performance Computing, Taiwan.
http://www.nchc.org.tw
Public Key Server PGP Key ID: 1024D/9762755A
Fingerprint: A2A1 08B7 C22C 3D06 34DB F4BC 08B3 E3D7 9762 755A
Reply to: