Xavier Luthi <[EMAIL PROTECTED]> writes:

> I'm currently packaging pixelpost (ITP #470214) which is a photoblog
> application written in php and using mysql. The installation process
> requires creating an 'admin' account in the database with, of
> course, a password.

Apparently based on the assumption that the installation will in all
cases be monitored by a person babysitting the installation process.

> My question is: what do you think is the best solution to set this
> password?

Since the above assumption is not necessarily true on a Debian system,
and (as you point out) a debconf query for the password might not be
answered at install time, you should have the package installed such
that it allows *no* access until the password is chosen by the
administrator.

> One solution, the easiest from the package development point of view,
> is to set a default password documented in the README.Debian. Of
> course, this is not beautiful and can be a security issue,
> especially if the user doesn't change it immediately...

I would modify "can be" to "is definitely" a security issue. Don't do
that. Installing applications with default passwords is not a valid
approach for a 21st century package.

Instead, in the absence of explicitly choosing a password, the
application should be installed such that it will deny authentication
until such a password is explicitly chosen.

-- 
 \      "I got a postcard from my best friend, it was a satellite |
  `\    picture of the entire Earth. On the back he wrote, 'Wish you |
_o__)   were here'." -- Steven Wright |
Ben Finney
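As an added illustration of the "deny authentication until a password is chosen" approach (example code, not pixelpost's or the Debian package's own): the admin row is created with a lock marker that no hash can match, the login check refuses such rows before comparing anything, and only the administrator setting a non-empty password unlocks it. The table and column names, the lock marker, the environment variable standing in for the debconf answer, and the use of SQLite via PDO are all assumptions made for the example.

```php
<?php
// Added example, not pixelpost code. Table/column names, the "!" marker and
// the PDO/SQLite plumbing are assumptions; the point is the locked state.

const LOCKED = '!';   // like a "!" field in /etc/shadow: can never verify

// What a maintainer script should store when no password was chosen
// (unattended install, debconf question unanswered): a lock marker,
// never a documented default.
function initialAdminHash(?string $debconfAnswer): string
{
    if ($debconfAnswer === null || trim($debconfAnswer) === '') {
        return LOCKED;
    }
    return password_hash($debconfAnswer, PASSWORD_DEFAULT);
}

// The administrator's way out of the locked state; an empty password is
// refused rather than silently unlocking the account.
function setAdminPassword(PDO $db, string $user, string $newPassword): void
{
    if ($newPassword === '') {
        throw new InvalidArgumentException('admin password must not be empty');
    }
    $stmt = $db->prepare('UPDATE admin SET password = ? WHERE username = ?');
    $stmt->execute([password_hash($newPassword, PASSWORD_DEFAULT), $user]);
}

// Login check: a missing row, an empty field or the lock marker is denied
// before any comparison, so there is no default that could ever match.
function adminLogin(PDO $db, string $user, string $password): bool
{
    $stmt = $db->prepare('SELECT password FROM admin WHERE username = ?');
    $stmt->execute([$user]);
    $stored = $stmt->fetchColumn();
    if ($stored === false || $stored === '' || $stored === LOCKED) {
        return false;
    }
    return password_verify($password, $stored);
}

// Constructed walk-through with an in-memory database; PIXELPOST_ADMIN_PW
// (hypothetical) stands in for the debconf answer and is usually unset.
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE admin (username TEXT PRIMARY KEY, password TEXT NOT NULL)');
$ins = $db->prepare('INSERT INTO admin VALUES (?, ?)');
$ins->execute(['admin', initialAdminHash(getenv('PIXELPOST_ADMIN_PW') ?: null)]);

var_dump(adminLogin($db, 'admin', ''));          // empty password, locked row
var_dump(adminLogin($db, 'admin', 'admin'));     // no documented default exists
setAdminPassword($db, 'admin', 'chosen-by-sysadmin');
var_dump(adminLogin($db, 'admin', 'chosen-by-sysadmin'));  // unlocked by admin
```

Only the last login succeeds; the first two are refused without any hash comparison because the stored value is the lock marker.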

