Hi
On 08/16/2013 03:59 PM, Christian Marillat wrote:
> 1) I don't think user put a / in a password often.
ACK
>
> 2) All cases I've seen (2) was with generated password.
>
> 3/ A solution is to use pwgen without -s and maybe with more characters
> (12).
>
If (2) is true, than 3 should help :)
> "pwgen -s" is :
>
> ,----
> | s, --secure
> | Generate completely random, hard-to-memorize passwords. These should only be used for machine passwords, since otherwise it's almost guaranteed that users will simply write the password on a piece of paper taped to the monitor...
> `----
>
> What do you think ?
pwgen 12 1 shoud be good enough(TM)
I'm not too familiar with failures in postinst scripts (other than these
are annoying), but possibly just a simple test if the string contained a
slash would be in order to quit with an error along with some
documentation what the user needs to do.
But then, "my" patch is pretty minimal and is just for escaping a slash
which is possibly contained within the password (please note, I have not
looked carefully, if the variable is reused later on).
I think your solution is ok, but might fail for existing systems
(unfortunately).
What do other people think?
Cheers
Carsten
