On Tue, 2016-11-22 at 23:49 -0800, Robert Yang wrote:
> [YOCTO #10710]
>
> Otherwise, we can't login as root when debug-tweaks is not in
> IMAGE_FEATURES, and there is no other users to login by default, so
> there is no way to login.

Wait a second, are you really suggesting that OE-core should have a default root password in its default configuration? That's very bad practice and I'm against doing it this way. Having a default password is one of the common vulnerabilities in actual devices on the market today. OE-core should make it hard to make that mistake, not actively introduce it.

So if you think that having a root password set (instead of empty), then at least make it an opt-in behavior that explicitly has to be selected. Make it an image feature so that images with and without default password can be built in the same build configuration. Changing base-passwd doesn't achieve that.

Even then I'm still wondering what the benefit of a well-known password compared to no password is. Both are equally insecure, so someone who wants to allow logins might as well go with "empty password".

-- 
Best Regards, Patrick Ohly

The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter.
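
The objection above can be turned into a check on a built root filesystem. The following is an added example, not part of the original message or of OE-core: it classifies root's password field from `/etc/passwd` and `/etc/shadow` content and fails unless the login was explicitly opted into. The function names, the `allow_default_login` flag and the sample entries are hypothetical and constructed for illustration.

```python
"""Audit root's password state in a rootfs (added example, not OE-core code)."""

# Constructed sample entries; the hash string is a placeholder, not a real hash.
PASSWD_EMPTY = "root::0:0:root:/root:/bin/sh\n"
PASSWD_SHADOWED = "root:x:0:0:root:/root:/bin/sh\n"
SHADOW_LOCKED = "root:*:15069:0:99999:7:::\n"
SHADOW_HASH = "root:$6$constructedsalt$constructedhash:15069:0:99999:7:::\n"


def _field_state(field):
    """Map one password field to 'empty', 'locked' or 'hash'."""
    if field == "":
        return "empty"   # login succeeds with no password at all
    if field[0] in "!*":
        return "locked"  # no password can ever match this field
    return "hash"        # a password is set; baked into an image it is a default one


def root_password_state(passwd_text, shadow_text=""):
    """Return 'empty', 'locked', 'hash' or 'missing' for the root account."""
    shadow = {}
    for line in shadow_text.splitlines():
        parts = line.split(":")
        if len(parts) >= 2:
            shadow[parts[0]] = parts[1]
    for line in passwd_text.splitlines():
        parts = line.split(":")
        if len(parts) < 7 or parts[0] != "root":
            continue
        if parts[1] == "x":
            # Password is stored in shadow; a missing shadow entry is
            # treated as locked here (assumption of this example).
            return _field_state(shadow["root"]) if "root" in shadow else "locked"
        return _field_state(parts[1])
    return "missing"


def audit(passwd_text, shadow_text="", allow_default_login=False):
    """Return (ok, state). Only a locked root passes without explicit opt-in;
    an empty field and a preset hash are both rejected, since both are
    credentials anyone who has seen the image configuration knows."""
    state = root_password_state(passwd_text, shadow_text)
    return (state == "locked" or allow_default_login), state
```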