hi olaf, On Sun, May 14, 2006 at 10:20:55PM +0200, Olaf van der Spek wrote: > So could you please explain what part of your 'general principle' is > against communicating a random password to the administrator?
if it's done via debconf it will be world-readable (though actions could
be taken to reduce that window of time by deleting the prompt
afterwards. and the systems-administrator in me would scream at the
idea of putting it in an email, which is where it could end up
if the admin does not see the debconf note.
placing it in a file would be less of an issue, and i'm not as opposed
to that, but i think i still like prompting the admin for a real
password and not storing it anywhere.
sean
--
signature.asc
Description: Digital signature
