[
https://issues.apache.org/jira/browse/VCL-885?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14626915#comment-14626915
]
ASF subversion and git services commented on VCL-885:
-----------------------------------------------------
Commit 1691065 from [~arkurth] in branch 'vcl/trunk'
[ https://svn.apache.org/r1691065 ]
VCL-885
Updated Windows.pm::sanitize_files to attempt to retrieve the default Windows
root password from autologon_enable.cmd. If it finds a password which is
different than the current default password, it adjusts the sed search pattern
to include both the old and new passwords.
> Windows.pm::sanitize_files doesn't remove password if changed since capture
> ---------------------------------------------------------------------------
>
> Key: VCL-885
> URL: https://issues.apache.org/jira/browse/VCL-885
> Project: VCL
> Issue Type: Improvement
> Components: vcld (backend)
> Affects Versions: 2.4.2
> Reporter: Andy Kurth
> Assignee: Andy Kurth
> Fix For: 2.4.3
>
>
> The password of the root and Administrator accounts in Windows images get set
> to a known value stored in _vcld.conf_ when an image is captured. These
> accounts' passwords are randomized after an image is loaded.
> There is at least one script (_autologon_enable.cmd_) stored in Windows
> images which contains the default password. {{Windows.pm::sanitize_files}}
> attempts to remove the default password from this script and other files it
> finds under _C:\Cygwin\home\root_.
> If the default password is changed in _vcld.conf_ after an image is captured,
> the old password will not be removed from the files because the VCL process
> only searches for the current value. This should be improved.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
