password in bacula-fd.conf is not auto-generated
Bug #222558 reported by
Henning Holtschneider
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
bacula (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Binary package hint: bacula-fd
While the hostname is being substituted in bacula-fd.conf, the default director passwords are the same on all installations. The sample passwords "look" random and there is no notice in the file that the passwords should be changed to result in a secure installation. In fact, the comments in the file even state:
# There is not much to change here except perhaps the
# File daemon Name to
The postinst script should either generate a random password or there should be a comment in the file indicating that the default password is insecure.
Related branches
CVE References
To post a comment you must log in.
Which version is this?
Thanks
chuck