Hi mentors, I'm currently packaging pixelpost (ITP #470214) which is a photoblog application written in php and using mysql. The installation process requires to create an 'admin' account in the database with, of course, a password.
My question is: what do you think is the best solution to set this password? One solution, the easiest on the package development point of view, is to set a default password documented in the README.Debian. Of course, this is not beautiful and can be a security issue, especially if the user doesn't change it immediately... Another solution would be to use debconf to ask for a password during the configuration of the package. The level for the question would probably be "medium". But if debconf is configured to show only questions with a level higher than critical, what will be the value of the password? Moreover in that case, how to inform the user of the default password? I guess some of you already faced this kind of situation, so your feedback is welcome :-) Thanks, Xavier
signature.asc
Description: Digital signature
