On Thursday 05 August 2010, Thibaut Girka wrote:
> > Did you actually check this? The password templates are of type
> > 'password' and thus the value should be in
> > /var/lib/cdebconf/passwords.dat (and thus encoded) instead of in plain
> > text in questions.dat.
>
> Well, you can still db_get the password, can't you?

Yes.

> As said earlier, I was, for some reason, sure that the postinst script
> didn't clear the passwords...

The fact that it clears the passwords is somewhat accidental (it has more to do with allowing to re-enter the passwords if they are unequal than with security considerations).

There are also other fields in passwords.dat, like the root and first user passwords, that are possibly not cleared.

Systems are vulnerable anyway when people have physical access to them. That they are a bit more vulnerable during installation is almost unavoidable, but in most cases the window (time from start of install to reboot) is quite short. I don't think this is something we should worry too much about.

Archive: http://lists.debian.org/201008051458.25739.elen...@planet.nl
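The thread notes that a password stays retrievable via db_get until a postinst happens to clear it. As an added example (not code from the thread or from d-i), the fragment below shows a postinst-style consumer that reads the password, uses it, and then explicitly clears it and marks the question unseen; the `db_*` functions are a constructed in-memory stand-in for `/usr/share/debconf/confmodule`, and the template name is hypothetical.

```shell
#!/bin/sh
# Constructed stand-in for the debconf confmodule so the pattern can be
# exercised outside an installer; a real postinst would instead do:
#   . /usr/share/debconf/confmodule
# The stand-in keeps one shell variable per template name and mirrors the
# real protocol shape: db_get leaves the value in $RET.
_store_key() { printf '%s' "$1" | tr -c 'A-Za-z0-9' '_'; }
db_set()  { eval "DBSTORE_$(_store_key "$1")=\$2"; }
db_get()  { eval "RET=\${DBSTORE_$(_store_key "$1")-}"; }
db_fset() { eval "DBFLAG_$(_store_key "$1")_$2=\$3"; }

# Read the password for the given template, use it, then wipe it from the
# database and from the shell so a later db_get returns nothing.
# Returns 1 if no password is stored. Prints the length it "used" as a
# stand-in for the real consumer (e.g. feeding chpasswd).
consume_password() {
    tmpl="$1"
    db_get "$tmpl"
    pw="$RET"
    [ -n "$pw" ] || return 1
    used_len=${#pw}             # stand-in for the real use of the secret
    db_set "$tmpl" ""           # clear the stored value
    db_fset "$tmpl" seen false  # re-ask rather than reuse a blank value
    unset pw RET                # drop the shell copies too
    echo "$used_len"
}

# Demo with a constructed template name and value (hypothetical/pkg-password).
db_set hypothetical/pkg-password 's3cret-demo'
consume_password hypothetical/pkg-password
db_get hypothetical/pkg-password
printf 'value after consume: "%s"\n' "$RET"
```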