Re: [systemd-devel] [systemd-commits] 10 commits - Makefile.am TODO man/sd_id128_to_string.xml man/systemd.unit.xml src/core src/cryptsetup src/libsystemd-id128 src/nspawn src/nss-myhostname src/shared src/systemd src/test units/.gitignore units/systemd-nspawn@.service.in

Tue, 30 Apr 2013 06:29:06 -0700 

On Tue, Apr 30, 2013 at 04:36:11AM -0700, Lennart Poettering wrote:
> commit 5f1dac6bf605871615b35891a3966fa474db5b20
> Author: Lennart Poettering <lenn...@poettering.net>
> Date:   Mon Apr 29 19:57:29 2013 -0300
> 
>     cryptsetup: warn if keyfiles are world-readable
Hi,

this part is understandable...

> commit 8973790ee6f62132b1b57de15c4edaef2c097004
> Author: Lennart Poettering <lenn...@poettering.net>
> Date:   Mon Apr 29 19:48:03 2013 -0300
> 
>     cryptsetup: warn if /etc/crypttab is world-readable
...but this one not. Majority of crypttabs out there contain stuff
like 'part_crypt /dev/part none luks' and the content can be inferred
from 'ls -l /dev/mapper' and distribution defaults. Passwords cannot
be stored in /etc/crypttab... No need to force people to hide
crypttab for no good reason.

Zbyszek
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Reply via email to