I'm sorry I did not respond to this bug earlier. I missed Chuck's reply
in April. Kern is absolutely right, this is a packaging problem
inherited from Debian.
I didn't want to make the problem bigger than it acutally is. People who
are using Bacula should be aware of the fact that the software uses a
shared secret to communicate between the different components of the
software package. But Joe Average who runs Bacula with the default
settings coming from the .deb package will find himself left with a
shared secret common to all Ubuntu Bacula installations and there are no
indications whatsoever in the READMEs or in the configuration files
which indicate this weakness.
Depending on your point of view, you might consider this a serious
security issue.
** Changed in: bacula (Ubuntu)
Status: Invalid => New
--
password in bacula-fd.conf is not auto-generated
https://bugs.launchpad.net/bugs/222558
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
