On Thursday, 05 August 2010 at 14:58 +0200, Frans Pop wrote:
> On Thursday 05 August 2010, Thibaut Girka wrote:
> > > Did you actually check this? The password templates are of type
> > > 'password' and thus the value should be in
> > > /var/lib/cdebconf/passwords.dat (and thus encoded) instead of in plain
> > > text in questions.dat.
> >
> > Well, you can still db_get the password, can't you?
>
> Yes.
>
> > As said earlier, I was, for some reason, sure that the postinst script
> > didn't clear the passwords...
>
> The fact that it clears the passwords is somewhat accidental (it has more
> to do with allowing to re-enter the passwords if they are unequal than
> with security considerations).
> There are also other fields in passwords.dat, like the root and first user
> passwords, that are possibly not cleared.
If you're talking about user-setup, they are cleared; that's the first thing I checked (better done than checking network-console, it seems) before sending this mail.

> Systems are vulnerable anyway when people have physical access to them.
> That they are a bit more vulnerable during installation is almost
> unavoidable, but in most cases the window (time from start of install to
> reboot) is quite short.

Well, depends on what you mean by "short", but I agree.

> I don't think this is something we should worry too much about.

Hence the "paranoid".
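The point of the exchange above is that as long as a password template's value still sits in cdebconf's passwords.dat, a db_get during the install hands it back, and only a postinst that blanks the value (db_set to "") removes it. The script below is an added example, not code from the thread or from d-i/cdebconf: it lists the stanzas of a passwords.dat-style file that still carry a value, and blanks one stanza the way a clearing postinst would, so the before/after difference is visible. It assumes the stanza layout of cdebconf's questions.dat (Name:, Template:, Value:, Owners:, Flags:, blank-line separated) and plain-text values; the sample file it writes is constructed for the example, nothing is read from a real /var/lib/cdebconf.

```shell
#!/bin/sh
# Added example (not from the thread or from d-i/cdebconf): find password
# templates whose value is still stored in a passwords.dat-style file, i.e.
# what a 'db_get' at that point of the install would still return.
#
# Assumptions: stanzas use the questions.dat layout (Name:, Template:,
# Value:, Owners:, Flags:, separated by blank lines) and values are stored
# as plain text. The sample file below is constructed for this example.
set -eu

SAMPLE="${TMPDIR:-/tmp}/passwords.dat.example.$$"
cat > "$SAMPLE" <<'EOF'
Name: passwd/root-password
Template: passwd/root-password
Value: hunter2
Owners: d-i
Flags: seen

Name: passwd/user-password
Template: passwd/user-password
Value:
Owners: d-i
Flags: seen

Name: network-console/password
Template: network-console/password
Value: s3cret
Owners: d-i
Flags: seen
EOF

# Print the Name of every stanza whose Value: field is non-empty.
leftover_passwords() {
    awk '
        /^Name: /  { name = substr($0, 7) }
        /^Value: / { v = substr($0, 8); sub(/[ \t]+$/, "", v); if (v != "") print name }
        /^$/       { name = "" }
    ' "$1"
}

# Blank the Value: line of one stanza, mimicking the effect of
# db_set <name> "" in a postinst. Illustration only: real d-i code goes
# through the debconf confmodule and never edits the database file itself.
clear_value() {
    name="$1"; file="$2"; tmp="$file.tmp"
    awk -v want="$name" '
        /^Name: /  { cur = substr($0, 7) }
        /^Value:/  { if (cur == want) { print "Value:"; next } }
        { print }
        /^$/       { cur = "" }
    ' "$file" > "$tmp" && mv "$tmp" "$file"
}

# Number of stanzas still holding a password.
leftover_count() {
    leftover_passwords "$1" | wc -l | tr -d ' '
}

if [ "${1:-}" = "--demo" ]; then
    echo "before:"; leftover_passwords "$SAMPLE"
    clear_value passwd/root-password "$SAMPLE"
    echo "after clearing the root password:"; leftover_passwords "$SAMPLE"
    rm -f "$SAMPLE"
fi
```

Run with `--demo` to see the two leftover entries (root password and network-console password) shrink to one after the root password is blanked; the user password stanza, already empty, never shows up. On a real system the equivalent check is to inspect /var/lib/cdebconf/passwords.dat on the installed target before the first reboot, which is the window Frans refers to.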