Page MenuHomeVyOS Platform

Do not set encrypted user password when it is not changed
Closed, ResolvedPublicFEATURE REQUEST

Description

On every system boot the encrypted user password is written from the config into theoperating system. This information will leak into the generated bootchart when debugging the system startup time issue.

Only pass the encrypted string to the operating system when the password is really changed.

As the system boot timing option is for deleopers only and rather new this does not pose a security risk, to enable it read https://docs.vyos.io/en/latest/contributing/development.html#boot-timing.

Details

Difficulty level
Easy (less than an hour)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Behavior change

Event Timeline

c-po closed this task as Resolved.Fri, May 22, 9:50 AM
c-po claimed this task.
c-po triaged this task as High priority.
c-po created this task.
c-po changed Difficulty level from Unknown (require assessment) to Easy (less than an hour).
c-po changed Is it a breaking change? from Unspecified (possibly destroys the router) to Behavior change.
c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.Fri, May 22, 10:37 AM
pasik added a subscriber: pasik.Fri, May 22, 12:15 PM