-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tanner Lovelace wrote: |>From what I've read, this only seems to affect Ubuntu Breezy and | not previous or later releases. It would also affect Dapper installations | that have upgraded from Breezy. Upgrading the passwd package | (which should be in the normal updates, I assume) will fix the problem. | (All of which was mentioned in the link Dan posted.) | | Cheers, | Tanner
The Ubuntu installer logged all questions asked and answered. The first user's password was an installer question. The answer gets logged. Joy! However, it is /not/, as some slashdotters seem to think, as blatant as "fprintf(log, "The root password is: %s\n", password);" =D It was more like Something Ian Would Do(tm), which involves forgetting a whole lot of things ;] btw, for the other slashdotters, who have been complaining "the updates only fix the installer, what about the logs? (from the advisory): "The updated packages remove the passwords and additionally make the log files readable only by root." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFEFekPwsRpgTiXSOERAo9iAJ93XjajRNiWTvo8Cj0mAcMoOzS1HwCgyeyi vMOiJpgkm8+CMGbNCKFCtQE= =aQNW -----END PGP SIGNATURE----- -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
