Daniel Baumann wrote: > Steven Shiau wrote: > >> Hi, >> > > Hi, > > Hi Daniel, >> I have sent this before, but the patch file I sent was not good, so I >> think it's why not being accepted. >> > > i hoped someone else would comment before I do, however.. here are my > thoughts. > > In general, I'm not a fan of adding such a feature. Exposing passwords > and also their hashes to visible to any user (which a boot parameter is, > through /proc/cmdline), is not a good thing. It's better to statically > configure user accounts directly by calling e.g. adduser through a hook > at build time. > > Yes, I know this is not secure, that's true. However, this boot parameter provides a way to allow people to change the default password. Especially when you want to use such a live CD to do remotely rescue (maybe from PXE booting), the machine is on-line, and it's all for you. Therefore you do not care about anyone else seeing the /proc/cmdline. > However, i understand that this is unflexible as it's a thing you do > during build time and not during run (or boot) time. > Thanks for your understanding. > This, and also the fact that the issue comes up now in the third year of > debian-live for the third time, in different implementations though, I > admit that there appears to be a demand for that. When I'm going to make > initial plans for live-initramfs 2.x next week, I'll honor that and try > to come up with any smart thing that would allow such a thing, I don't > have any at hand right now. > Great! Look forward to seeing and trying live-initramfs 2.x. > >> and send it again. Hope you do not mind. >> > > sure not. if you have anything else that has gone lost (or you think it > has gone lost, or simply you didn't got any answer), please do never > hesitate to resend/ask/whatever again. > > Thanks again. :)
Regards, Steven. > Regards, > Daniel > > -- Steven Shiau <steven _at_ nchc org tw> <steven _at_ stevenshiau org> National Center for High-performance Computing, Taiwan. http://www.nchc.org.tw Public Key Server PGP Key ID: 1024D/9762755A Fingerprint: A2A1 08B7 C22C 3D06 34DB F4BC 08B3 E3D7 9762 755A -- To UNSUBSCRIBE, email to debian-live-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
