On 03/01/2010 10:41 PM, Adam Jackson wrote:
> Previously, we would only start sshd if you'd passed --kickstart to
> anaconda.
>
> Note that, in the absence of a kickstart file specifying users, this
> will start sshd with no password for root. Treat this like you would
> treat 'vnc' with no 'vncpasswd'.

Hi Adam,

I like the patch.

I looked at our code in flags.py however and it looks like flags.sshd is
True by default even if no 'sshd' is passed on the kernel command line.

Anaconda guys, correct me if I am wrong:
Isn't this a security flaw actually? Because at the moment whenever
someone uses a kickstart, sshd is started. Most kickstarts probably
don't specify any ssh parameters (also because these are not documented
here: http://fedoraproject.org/wiki/Anaconda/Kickstart), so most
kickstart installs have an sshd ready to accept incoming connections for
root without a password. So someone could connect and mess with the
stuff in /mnt/sysimage for instance.

I think the fix should be to have

    self.__dict__['flags']['sshd'] = 0

in flags.py by default.

Ales
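
The default discussed in the message above, as a simplified model added here for illustration; it is not anaconda's flags.py and not part of the original email. The `Flags` class, `passwordless_root_sshd`, and the sample command lines are hypothetical, and the rule that only a bare `sshd` token enables the flag is an assumption.

```python
# Simplified model of an installer flags object; NOT anaconda's flags.py.
class Flags:
    def __init__(self, cmdline, sshd_default):
        # Same storage pattern as the line quoted in the message.
        self.__dict__['flags'] = {}
        self.__dict__['flags']['sshd'] = sshd_default
        # Assumption: only a bare "sshd" token on the kernel command line
        # turns the flag on; substrings such as "nosshd" must not match.
        if 'sshd' in cmdline.split():
            self.__dict__['flags']['sshd'] = 1

    def __getattr__(self, name):
        # Reached only for names that are not regular attributes.
        try:
            return self.__dict__['flags'][name]
        except KeyError:
            raise AttributeError(name)

    def __setattr__(self, name, value):
        # Reject unknown flags so a typo cannot silently add a new one.
        if name not in self.__dict__['flags']:
            raise AttributeError(name)
        self.__dict__['flags'][name] = value


def passwordless_root_sshd(cmdline, sshd_default, ks_defines_ssh_users):
    """True when sshd would start and no kickstart set credentials for it."""
    flags = Flags(cmdline, sshd_default)
    return bool(flags.sshd) and not ks_defines_ssh_users


# Constructed sample kernel command lines.
KS_ONLY = "vmlinuz initrd=initrd.img ks=http://example.invalid/ks.cfg"
KS_SSHD = KS_ONLY + " sshd"


def compare_defaults():
    """Return (cmdline has sshd, default, exposed) for each combination."""
    rows = []
    for cmdline in (KS_ONLY, KS_SSHD):
        for default in (1, 0):
            exposed = passwordless_root_sshd(cmdline, default, False)
            rows.append(('sshd' in cmdline.split(), default, exposed))
    return rows


if __name__ == "__main__":
    for row in compare_defaults():
        print(row)
```

With the default at 1, the kickstart-only command line is exposed even though nobody asked for sshd; with the default at 0, exposure requires an explicit `sshd` on the command line.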