Re: [patch] upon install of new operating system version, do not set root password to empty string

2017-12-04 Thread Stefan Sperling
On Sun, Dec 03, 2017 at 08:31:34AM +, Robert Peichaer wrote:
> This is the exact code, that is already in install.sub.
> So I don't understand this proposal.
>
> --
> -=[rpe]=-

It's a joke diff only Mac users would have the capacity to understand. See

Re: [patch] upon install of new operating system version, do not set root password to empty string

2017-12-04 Thread Rodrigo Mosconi
2017-11-28 21:59 GMT-02:00 Ian Sutton:
> This is a highly theoretical and experimental mitigation which stops the
> root password on newly upgraded/installed systems from being an empty
> string. The thinking is that by not shipping an operating system with a
> known root password,

Re: [patch] upon install of new operating system version, do not set root password to empty string

2017-12-03 Thread Robert Peichaer
On Wed, Nov 29, 2017 at 08:06:39AM +0100, Otto Moerbeek wrote:
> On Tue, Nov 28, 2017 at 06:59:06PM -0500, Ian Sutton wrote:
>
> > This is a highly theoretical and experimental mitigation which stops the
> > root password on newly upgraded/installed systems from being an empty
> > string. The

Re: [patch] upon install of new operating system version, do not set root password to empty string

2017-11-28 Thread Otto Moerbeek
On Tue, Nov 28, 2017 at 06:59:06PM -0500, Ian Sutton wrote:
> This is a highly theoretical and experimental mitigation which stops the
> root password on newly upgraded/installed systems from being an empty
> string. The thinking is that by not shipping an operating system with a
> known root

Re: [patch] upon install of new operating system version, do not set root password to empty string

2017-11-28 Thread Stefan Sperling
On Tue, Nov 28, 2017 at 06:59:06PM -0500, Ian Sutton wrote:
> This is a highly theoretical and experimental mitigation which stops the
> root password on newly upgraded/installed systems from being an empty
> string. The thinking is that by not shipping an operating system with a
> known root

[patch] upon install of new operating system version, do not set root password to empty string

2017-11-28 Thread Ian Sutton
This is a highly theoretical and experimental mitigation which stops the root password on newly upgraded/installed systems from being an empty string. The thinking is that by not shipping an operating system with a known root password, certain classes of attacks involving logging into the root