The build process expects a default password, but does not bother to set it #63

Closed
slippycheeze opened this Issue Feb 15, 2013 · 1 comment

Projects

None yet

2 participants

@slippycheeze
Contributor

The build process expects a fixed default password in the development and debug builds, but does not bother to set that. This leads to users, and our CI system, unexpectedly building ISO images that don't allow login as expected.

Since this is a fixed, documented, default password there is no more security exposure to be putting it in as the default in the scripts than it does to manually enter it on every automated, central build.

Ultimately this should probably be eliminated entirely, because it has zero security value: any attacker can simply read our documentation, and any automated tool can add whatever password we pick, but for now this improves utility without surprising our existing userbase.

@slippycheeze slippycheeze was assigned Feb 15, 2013
@slippycheeze slippycheeze added a commit that closed this issue Feb 15, 2013
@slippycheeze slippycheeze The build process expects a default password, but does not bother to …
…set it

The build process expects a fixed default password in the development and
debug builds, but does not bother to set that. This leads to users, and our CI
system, unexpectedly building ISO images that don't allow login as expected.

Since this is a fixed, documented, default password there is no more security
exposure to be putting it in as the default in the scripts than it does to
manually enter it on every automated, central build.

Ultimately this should probably be eliminated entirely, because it has zero
security value: any attacker can simply read our documentation, and any
automated tool can add whatever password we pick, but for now this improves
utility without surprising our existing users.

This closes #63.

Signed-off-by: Daniel Pittman <daniel@rimspace.net>
be61113
@tjmcs
Contributor
tjmcs commented Feb 15, 2013

Keep in mind that this is not a security issue, the default password shown here is only used in the debug and development Microkernels, and these Microkernel types are not intended to be used in a production environment. The debug Microkernel is intended to be used for debugging of issues that might arise between the Microkernel and Razor, and the development Microkernel is intended to be used by developers (who are working on either the Razor or Razor-Microkernel projects and want to test their code changes before submitting them in the form of a pull request). In the production Microkernel, which is the only ISO we intended to have used in a typical production environment, all access to the Microkernel by the tc user is disabled (password access by the tc user is completely disabled at the /etc/passwd).

Also, keep in mind that the only real difference between the development and debug Microkernels is whether or not an autologin of the tc user is performed at the end of the boot process. For a development Microkernel the tc user can login from locally (via the console) or remotely (via SSH) using this default password. For the debug Microkernel, on the other hand, the tc user can login remotely using this password via SSH and is autologged in at the console when the boot process completes (so no password is necessary there).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment