[TriLUG] Ubuntu - great security - you'll love this
Jason Faulkner
jasonlf at gmail.com
Mon Mar 13 08:58:36 EST 2006
I'm not trying to bash, but this isn't a vulnerability that's just "fixed".
There are thousands of ubuntu installs that now have root passwords in
their installerlogs. For a "grandma" user, which most people point
toward ubuntu nowadays, they're clueless about it, and now their boxes
are setup to be screwed over just any shell exploit.
--Jay
On 3/13/06, crimsun at fungus.sh.nu <crimsun at fungus.sh.nu> wrote:
> On Mon, Mar 13, 2006 at 07:04:06AM -0500, Magnus wrote:
> > The root password from the first user registred by Breezy can be found by
> > any user by reading the file /var/log/installer/cdebconf/questions.dat
>
> Pretty ugly. And of course, fixed [0].
>
> [0] http://www.ubuntu.com/usn/usn-262-1
--
Jason Faulkner
------------------------
OldOs.org Owner/Admin //
OpenDocument Fellowship Sysadmin
More information about the TriLUG
mailing list