Andy Kurth created VCL-885:
------------------------------
Summary: Windows.pm::sanitize_files doesn't remove password if
changed since capture
Key: VCL-885
URL: https://issues.apache.org/jira/browse/VCL-885
Project: VCL
Issue Type: Improvement
Components: vcld (backend)
Affects Versions: 2.4.2
Reporter: Andy Kurth
Assignee: Andy Kurth
Fix For: 2.4.3
The password of the root and Administrator accounts in Windows images get set
to a known value stored in _vcld.conf_ when an image is captured. These
accounts' passwords are randomized after an image is loaded.
There is at least one script (_autologon_enable.cmd_) stored in Windows images
which contains the default password. {{Windows.pm::sanitize_files}} attempts
to remove the default password from this script and other files it finds under
_C:\Cygwin\home\root_.
If the default password is changed in _vcld.conf_ after an image is captured,
the old password will not be removed from the files because the VCL process
only searches for the current value. This should be improved.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
