security risk in the profile LFS-4.0

Gerard Beekmans gerard at
Wed Oct 9 16:03:01 PDT 2002

On October 9, 2002 04:23 pm, Vassili Dzuba wrote:
> I changed the profile to add a password if one creates
> the temporary user (but of course does not change the password if the
> user already exists).

Setting or not setting a password poses no security risk. If you don't have a 
password set, you simply can't login as that user directly, unless you su to 
root first, then you can change to the lfs user.

Gerard Beekmans

-*- If Linux doesn't have the solution, you have the wrong problem -*-
Unsubscribe: send email to listar at
and put 'unsubscribe alfs-discuss' in the subject header of the message

More information about the alfs-discuss mailing list