[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: create password in postinst



On Sun, Feb 05, 2006 at 11:26:08AM -0500, Justin Pryzby wrote:
> On Sun, Feb 05, 2006 at 10:58:00AM -0500, Anthony DeRobertis wrote:

> > No, that's not ok. First off, any "funny" characters in the password
> > will cause errors. Second, and probably more important, any user running
> > 'ps' will be able to read the plain-text password.

> Does this work?
> 
> 	mkpasswdd -H md5 -S 35348090 -s <<EOF
> 	$password
> 	EOF

Note that some (all?) sh shells implement here documents using
a temporary file, so if you use them without setting umask, the
password will be exposed - at least for a short time.

cheers,
Max
#!/bin/sh
while :
do cat <<EOF
SECRETSECRET
EOF
done
#!/bin/sh
while :
do grep SECRET /tmp/*
done

Reply to: