On Sun, Dec 03, 2017 at 08:31:34AM +, Robert Peichaer wrote:
> This is the exact code, that is already in install.sub.
> So I don't understand this proposal.
>
> --
> -=[rpe]=-
It's a joke diff only Mac users would have the capacity to understand.
See https://mobile.twitter.com/lemiorhan/sta
2017-11-28 21:59 GMT-02:00 Ian Sutton :
> This is a highly theoretical and experimental mitigation which stops the
> root password on newly upgraded/installed systems from being an empty
> string. The thinking is that by not shipping an operating system with a
> known root password, certain classe
On Wed, Nov 29, 2017 at 08:06:39AM +0100, Otto Moerbeek wrote:
> On Tue, Nov 28, 2017 at 06:59:06PM -0500, Ian Sutton wrote:
>
> > This is a highly theoretical and experimental mitigation which stops the
> > root password on newly upgraded/installed systems from being an empty
> > string. The thin
On Tue, Nov 28, 2017 at 06:59:06PM -0500, Ian Sutton wrote:
> This is a highly theoretical and experimental mitigation which stops the
> root password on newly upgraded/installed systems from being an empty
> string. The thinking is that by not shipping an operating system with a
> known root pass
On Tue, Nov 28, 2017 at 06:59:06PM -0500, Ian Sutton wrote:
> This is a highly theoretical and experimental mitigation which stops the
> root password on newly upgraded/installed systems from being an empty
> string. The thinking is that by not shipping an operating system with a
> known root passw
This is a highly theoretical and experimental mitigation which stops the
root password on newly upgraded/installed systems from being an empty
string. The thinking is that by not shipping an operating system with a
known root password, certain classes of attacks involving logging into
the root acco