boinc manager password is empty by default
Bug #328477 reported by
Evgeny Kapun
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
boinc (Ubuntu) |
Won't Fix
|
Low
|
Unassigned |
Bug Description
I am using Ubuntu 8.10 and boinc-client 6.2.12-1.
When user installs BOINC client RPC password is empty unless user manually edits /etc/boinc-
To post a comment you must log in.
This is a serious security bug. It allows any local user to run arbitrary code under the 'boinc' user by attaching his own project.