Hi all,
Recently on one of my systems I installed a jail from scratch (I usually
copy my jails from other machines). Before running it, I checked to see
if the password format was the one I was expecting to be with vipw(8)
and I saw that the root password was empty. I understand that this is
the case with "make installworld" and that it is also the case when
installing a system from CLI; it's not the first time I noticed it, and
I suppose there is a reason for root's default password to be empty and
not starred out -probably to prevent someone from getting locked out
from the machine accidentally before setting a root password-.
Furthermore, I know that this is documented in jail(8)'s man page, but
due to the security risk imposed when someone forgets to set a password
for root, I see no reason why a reminder for setting the root password
should not be mentioned in the Handbook's jail section as well, with
bold fonts or in a warning-box.
Thank you all for your time in advance,
George Mamalakis.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-doc
To unsubscribe, send any mail to "[email protected]"
