[OE-core] [PATCH 2/2] base-passwd: set root's default password to 'root'

Robert Yang liezhi.yang at windriver.com
Tue Nov 29 02:45:51 UTC 2016



On 11/29/2016 09:57 AM, Khem Raj wrote:
>
>> On Nov 24, 2016, at 10:59 AM, Paul Eggleton <paul.eggleton at linux.intel.com> wrote:
>>
>> On Thu, 24 Nov 2016 08:46:29 Patrick Ohly wrote:
>>> On Thu, 2016-11-24 at 11:38 +0800, Robert Yang wrote:
>>>> Currently, debug-tweaks is in EXTRA_IMAGE_FEATURES by default for poky,
>>>> and there is no passwd, so that a user can log in easily without a passwd.
>>>> I think that the current status is more unsafe?
>>>
>>> Both well-known password and no password are unsafe. User "root" with
>>> password "root" is not even "more" safe already now, because tools that
>>> brute-force logins try that. Choosing something else would be a bit
>>> safer for a short while until the tools add it to their dictionary.
>>>
>>> Poky is also targeting a different audience than OE-core. Poky can
>>> assume to be used in a secure environment, OE-core can't (because it
>>> might be used for all kinds of devices).
>>
>> I don't think that's part of the design goals on either side, it's simply
>> about making development easier. The feature is clearly labelled "debug-
>> tweaks" because it's for debugging not for production. It could be that we
>> should make it do other things like append a notice to /etc/issue to avoid
>> people leaving it on for production, if that is a concern.
>>
>
> Sometimes such goals can lead to problems. Making development easier by
> all means, if you can ensure a hard error on production, e.g. debug-tweaks can
> then never be part of production images. Otherwise someone will forget it
> and it will be discovered on millions of devices in the field, and the user
> project will be red-faced.

Will something like IMAGE_FEATURES += "production" help here? We may also
need something like IMAGE_FEATURES += "test" to make it work with
-c testimage.

// Robert
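An added example of the fail-fast check this message proposes (it is not code from OE-core or from any poster in the thread): a "production" feature that turns leftover debug features into a hard build error, plus the /etc/issue notice suggested earlier in the thread. It is written as plain Python so it runs stand-alone; in a real layer the same logic would sit in an anonymous python function of a bbclass and call bb.fatal(). The "production" and "test" feature names are only the proposal from the thread, and the list of debug-only features beyond debug-tweaks is an assumption to adjust for your release.

```python
# Added example, not OE-core code. Models a "production" IMAGE_FEATURE that
# rejects debug-only features at build time, and a /etc/issue notice for
# images that still carry them.

# Features acceptable in development/test images only.
# Assumption: only debug-tweaks is named in the thread; the finer-grained
# names are the ones debug-tweaks expands to in OE-core and may need
# adjusting for your release.
DEBUG_ONLY_FEATURES = frozenset({
    "debug-tweaks",
    "empty-root-password",
    "allow-empty-password",
    "allow-root-login",
})


def parse_features(value):
    """Split a whitespace-separated bitbake list value into a set of names."""
    return set(value.split())


def check_production_features(image_features, extra_image_features=""):
    """Return a list of error messages for a "production" image.

    An empty list means the configuration is acceptable. Both variables are
    checked because poky puts debug-tweaks in EXTRA_IMAGE_FEATURES, and that
    local.conf setting is the one that gets forgotten when an image is
    promoted to a release build.
    """
    features = parse_features(image_features) | parse_features(extra_image_features)
    errors = []
    if "production" not in features:
        return errors
    leaked = sorted(features & DEBUG_ONLY_FEATURES)
    if leaked:
        errors.append("production image enables debug-only feature(s): %s"
                      % ", ".join(leaked))
    if "test" in features:
        errors.append("production and test are mutually exclusive IMAGE_FEATURES")
    return errors


def issue_notice(image_features, extra_image_features=""):
    """Text to append to /etc/issue when a debug feature is active, else None."""
    features = parse_features(image_features) | parse_features(extra_image_features)
    active = sorted(features & DEBUG_ONLY_FEATURES)
    if not active:
        return None
    return "WARNING: debug image (%s enabled); not for production use\n" % ", ".join(active)


# How the check would be hooked into a layer (not run here): an anonymous
# python function in a bbclass inherited by image recipes. Hypothetical
# placement; bb.fatal() aborts the build.
#
# python () {
#     errors = check_production_features(d.getVar('IMAGE_FEATURES', True) or '',
#                                        d.getVar('EXTRA_IMAGE_FEATURES', True) or '')
#     if errors:
#         bb.fatal('\n'.join(errors))
# }


if __name__ == "__main__":
    # Constructed sample configurations: a developer build, a release build
    # that forgot to drop debug-tweaks from local.conf, and a contradictory one.
    for img, extra in [("ssh-server-openssh", "debug-tweaks"),
                       ("ssh-server-openssh production", "debug-tweaks"),
                       ("production test", "")]:
        print(img, "|", extra, "->", check_production_features(img, extra) or "ok")
        print("   issue notice:", repr(issue_notice(img, extra)))
```

The point of checking EXTRA_IMAGE_FEATURES separately is that it is the variable poky's default local.conf sets, so a check that only looks at IMAGE_FEATURES in the recipe would pass the exact configuration the thread is worried about.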
