From: Patrick Ohly <patrick.ohly@intel.com>
To: Robert Yang <liezhi.yang@windriver.com>
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [PATCH 2/2] base-passwd: set root's default password to 'root'
Date: Wed, 23 Nov 2016 12:16:51 +0100
Message-ID: <1479899811.31880.37.camel@intel.com>
In-Reply-To: <e1b37a8090d9fe6d93d6f68301d5c89a45a93b37.1479871728.git.liezhi.yang@windriver.com>

On Tue, 2016-11-22 at 23:49 -0800, Robert Yang wrote:
> [YOCTO #10710]
>
> Otherwise, we can't login as root when debug-tweaks is not in
> IMAGE_FEATURES, and there are no other users to login by default, so
> there is no way to login.

Wait a second, are you really suggesting that OE-core should have a
default root password in its default configuration?

That's very bad practice and I'm against doing it this way. Having a
default password is one of the common vulnerabilities in actual devices
on the market today. OE-core should make it hard to make that mistake,
not actively introduce it.

So if you think that having a root password set (instead of empty), then
at least make it an opt-in behavior that explicitly has to be selected.
Make it an image feature so that images with and without default
password can be built in the same build configuration. Changing
base-passwd doesn't achieve that.

Even then I'm still wondering what the benefit of a well-known password
compared to no password is. Both are equally insecure, so someone who
wants to allow logins might as well go with "empty password".

--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on this matter.
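
An added example, not part of the message above and not OE-core code: a check over an image's account files that reports an empty root password and a password hash baked into the image as the same kind of finding unless a root login was explicitly opted into. The function names, the `opt_in` flag and the sample passwd/shadow lines are constructed for illustration.

```python
# Added example (assumed names, constructed sample data).
LOCK_PREFIXES = ("*", "!")  # a field starting with either cannot match any password


def password_field(passwd_text, shadow_text, user="root"):
    """Return the user's effective password field, following passwd's 'x' to shadow."""
    def lookup(text):
        for line in text.splitlines():
            parts = line.split(":")
            if len(parts) >= 2 and parts[0] == user:
                return parts[1]
        return None

    field = lookup(passwd_text)
    return lookup(shadow_text) if field == "x" else field


def classify(field):
    """Map a password field to 'missing', 'empty', 'locked' or 'hash-set'."""
    if field is None:
        return "missing"
    if field == "":
        return "empty"
    if field.startswith(LOCK_PREFIXES):
        return "locked"
    return "hash-set"


def check_image(passwd_text, shadow_text, opt_in=False):
    """Return (state, ok). Only a locked account passes without an explicit opt-in.

    'empty' and 'hash-set' both mean every device built from the image shares
    one known credential, so both need opt_in. 'missing' always fails (fail closed).
    """
    state = classify(password_field(passwd_text, shadow_text))
    ok = state == "locked" or (opt_in and state in ("empty", "hash-set"))
    return state, ok


# Constructed sample inputs; the hash below is a placeholder, not a real hash.
PASSWD_EMPTY = "root::0:0:root:/root:/bin/sh\n"
PASSWD_SHADOWED = "root:x:0:0:root:/root:/bin/sh\n"
SHADOW_LOCKED = "root:*:15069:0:99999:7:::\n"
SHADOW_HASH = "root:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:17128:0:99999:7:::\n"

if __name__ == "__main__":
    for name, args in [("empty", (PASSWD_EMPTY, "")),
                       ("locked", (PASSWD_SHADOWED, SHADOW_LOCKED)),
                       ("baked-in hash", (PASSWD_SHADOWED, SHADOW_HASH))]:
        print(name, check_image(*args))
```
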
Thread overview: 22+ messages
2016-11-23 7:49 [PATCH 0/2] fix can't login when debug-tweaks is not in IMAGE_FEATURES Robert Yang
2016-11-23 7:49 ` [PATCH 1/2] rootfs-postcommands.bbclass: fix zap_empty_root_password Robert Yang
2016-11-23 7:49 ` [PATCH 2/2] base-passwd: set root's default password to 'root' Robert Yang
2016-11-23 11:16 ` Patrick Ohly [this message]
2016-11-23 14:17 ` Burton, Ross
2016-11-24 2:01 ` Robert Yang
2016-11-24 3:18 ` Paul Eggleton
2016-11-24 3:38 ` Robert Yang
2016-11-24 7:46 ` Patrick Ohly
2016-11-24 8:27 ` Robert Yang
2016-11-24 14:09 ` Philip Balister
2016-11-24 14:54 ` Patrick Ohly
2016-11-24 18:59 ` Paul Eggleton
2016-11-29 1:57 ` Khem Raj
2016-11-29 2:45 ` Robert Yang
2016-11-29 3:45 ` Paul Eggleton
2016-11-29 5:36 ` Robert Yang
2016-11-29 6:27 ` Paul Eggleton
2016-11-24 7:51 ` Mike Looijmans
2016-11-30 3:15 ` [PATCH 0/2] fix can't login when debug-tweaks is not in IMAGE_FEATURES Robert Yang
2016-11-30 9:28 ` ChenQi
2016-11-30 9:32 ` ChenQi