Re: [PATCH] live-initramfs: Assign user password from boot paremeter

To: Debian Live <debian-live@lists.debian.org>
Subject: Re: [PATCH] live-initramfs: Assign user password from boot paremeter
From: Steven Shiau <steven@nchc.org.tw>
Date: Tue, 02 Jun 2009 23:04:26 +0800
Message-id: <4A253F7A.9090208@nchc.org.tw>
In-reply-to: <4A2535D6.8020409@debian.org>
References: <4A1DF75E.2080506@nchc.org.tw> <4A2535D6.8020409@debian.org>

Daniel Baumann wrote:
> Steven Shiau wrote:
>   
>> Hi,
>>     
>
> Hi,
>
>   
Hi Daniel,
>> I have sent this before, but the patch file I sent was not good, so I
>> think it's why not being accepted.
>>     
>
> i hoped someone else would comment before I do, however.. here are my
> thoughts.
>
> In general, I'm not a fan of adding such a feature. Exposing passwords
> and also their hashes to visible to any user (which a boot parameter is,
> through /proc/cmdline), is not a good thing. It's better to statically
> configure user accounts directly by calling e.g. adduser through a hook
> at build time.
>
>   
Yes, I know this is not secure, that's true. However, this boot
parameter provides a way to allow people to change the default password.
Especially when you want to use such a live CD to do remotely rescue
(maybe from PXE booting), the machine is on-line, and it's all for you.
Therefore you do not care about anyone else seeing the /proc/cmdline.
> However, i understand that this is unflexible as it's a thing you do
> during build time and not during run (or boot) time.
>   
Thanks for your understanding.
> This, and also the fact that the issue comes up now in the third year of
> debian-live for the third time, in different implementations though, I
> admit that there appears to be a demand for that. When I'm going to make
> initial plans for live-initramfs 2.x next week, I'll honor that and try
> to come up with any smart thing that would allow such a thing, I don't
> have any at hand right now.
>   
Great! Look forward to seeing and trying live-initramfs 2.x.
>   
>> and send it again. Hope you do not mind.
>>     
>
> sure not. if you have anything else that has gone lost (or you think it
> has gone lost, or simply you didn't got any answer), please do never
> hesitate to resend/ask/whatever again.
>
>   
Thanks again. :)

Regards,
Steven.
> Regards,
> Daniel
>
>   


-- 
Steven Shiau <steven _at_ nchc org tw> <steven _at_ stevenshiau org>
National Center for High-performance Computing, Taiwan.
http://www.nchc.org.tw
Public Key Server PGP Key ID: 1024D/9762755A
Fingerprint: A2A1 08B7 C22C 3D06 34DB  F4BC 08B3 E3D7 9762 755A

Reply to:

References:
- Re: [PATCH] live-initramfs: Assign user password from boot paremeter
  - From: Daniel Baumann <daniel@debian.org>

Prev by Date: [PATCH] Respect APT/APTITUDE options in functions/packages.sh
Next by Date: rapid-live 1.3.0-beta asterisk and asterisk-gui
Previous by thread: Re: [PATCH] live-initramfs: Assign user password from boot paremeter
Next by thread: Re: [PATCH] live-initramfs: Assign user password from boot paremeter
Index(es):
- Date
- Thread