Re: create password in postinst

To: Daniel Knabl <daniel@knabl.com>
Cc: ment <debian-mentors@lists.debian.org>
Subject: Re: create password in postinst
From: Anthony DeRobertis <anthony@derobert.net>
Date: Sun, 05 Feb 2006 10:58:00 -0500
Message-id: <[🔎] 43E62088.40907@derobert.net>
In-reply-to: <20060126132847.3d09023d@localhost>
References: <20060126132847.3d09023d@localhost>

Daniel Knabl wrote:

>  ask the user for a password via debconf (store in $CLEARPASS)
>  and then do HASH=`mkpasswd -S 35348090 -H md5 $CLEARPASS` and
>  afterwards the usual sed -e "s/default/"$HASH"/;" ...

No, that's not ok. First off, any "funny" characters in the password
will cause errors. Second, and probably more important, any user running
'ps' will be able to read the plain-text password.

If you want to use mkpasswd, read about its -P and -s options. Pipe the
password to it. [But don't use /bin/echo for that; same problem...] Not
quite sure how to pull that off in sh, maybe someone will have
suggestions...

Reply to:

Follow-Ups:
- Re: create password in postinst
  - From: Justin Pryzby <justinpryzby@users.sourceforge.net>

Prev by Date: Re: More on touch-fu (was Re: Re-libtooling + automake)
Next by Date: Re: create password in postinst
Previous by thread: RFS: libnet-amazon-perl -- Perl framework for accessing amazon.com via SOAP and XML/HTTP
Next by thread: Re: create password in postinst
Index(es):
- Date
- Thread