security risk in the profile LFS-4.0

Gerard Beekmans gerard at linuxfromscratch.org
Wed Oct 9 16:03:01 PDT 2002


On October 9, 2002 04:23 pm, Vassili Dzuba wrote:
> I changed the profile to add a password if one creates
> the temporary user (but of course does not change the password if the
> user already exists).

Setting or not setting a password poses no security risk. If you don't have a 
password set, you simply can't login as that user directly, unless you su to 
root first, then you can change to the lfs user.



-- 
Gerard Beekmans
www.linuxfromscratch.org

-*- If Linux doesn't have the solution, you have the wrong problem -*-
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe alfs-discuss' in the subject header of the message



More information about the alfs-discuss mailing list