icecast2 config/postinst
Robin Gareus
robin at gareus.org
Mon Apr 18 18:42:45 UTC 2011
On 04/18/2011 07:53 PM, Jonas Smedegaard wrote:
> Hi Robin,
>
> On 11-04-18 at 07:29pm, Robin Gareus wrote:
>> I've added config-templates and postinst configuration (passwords,
>> hostname, enable-service) to icecast2.
>
> Nice!
>
>
>> Attached patch applies to revision baf67ba (currently HEAD) on
>> http://git.debian.org/?p=pkg-multimedia/icecast2.git
>>
>> What would be needed to get this into the official icecast2 debian
>> package?
>
> Please open a bugreport against the package and include the patch there.
done.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=623256
I inadvertently attached the patch twice (`reportbug` did not list the
attachments; so I thought it missing.. sorry).
> Also, it seems to me from briefly reading it, that you (briefly) expose
> passwords to all local users by printing them as part of an ed command.
AFAICT it does not. It's

  cat << _EOF_ | ed ...

So the password is piped to ed and not visible to other processes.
> That is (if correctly read) a security flaw and should be avoided.
>
> One way to avoid it is to export the passwords as environment variables
> and then run a short perl script which uses those same variables.
>
> Like this (from a CipUX routine):
>
> export pw="bla"
>
> perl -i -pe "s/[ \t]*#([ \t]*password[ \t]*=).*/\$1\$ENV{'pw'}/" file
>
>
> But please, instead of discussing further here, file a bugreport and
> let's continue the discussion there :-)
sure. It's also not-using-po-debconf for internationalization, yet.
Anyway, one step at a time.
Cheers!
robin
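The three ways of handing over the password discussed in this thread (on the command line, in a here-document on stdin, in an environment variable), as an added example that is not part of the thread or of the icecast2 patch: a child `sh` stands in for `ed` and `perl` and reports its own argv as `/proc` shows it. The secret, the file name and all function names are constructed for illustration; it assumes a Linux `/proc`.

```shell
#!/bin/sh
# Added illustration, not code from the icecast2 package.
# Constructed demo secret; not a value from the thread.
SECRET='s3cr3t-demo-pw'

# Start a child shell with the given arguments and return the child's argv
# as read from /proc/<pid>/cmdline. On Linux that file is readable by every
# local user unless /proc is mounted with hidepid.
child_argv() {
    sh -c 'out=$(tr "\000" " " < "/proc/$$/cmdline"); printf "%s\n" "$out"' child "$@"
}

# Case 1: secret interpolated into an argument, so it becomes part of argv.
argv_case() {
    child_argv "s/hackme/$SECRET/"
}

# Case 2: secret inside a here-document (the `cat << _EOF_ | ed` pattern).
# The expanded text reaches the child on stdin, not through argv.
heredoc_case() {
    child_argv -s icecast.xml <<_EOF_
s/hackme/$SECRET/
w
_EOF_
}

# Case 3: secret exported; the argument only names the variable, as in the
# quoted perl one-liner. The environment is readable through
# /proc/<pid>/environ by the same user and root only.
env_case() {
    ( export pw="$SECRET"; child_argv 's/hackme/$ENV{pw}/' )
}

# Report whether the observed argv string contains the secret.
leaks() {
    case "$1" in
        *"$SECRET"*) echo yes ;;
        *)           echo no ;;
    esac
}

for c in argv_case heredoc_case env_case; do
    printf '%-13s secret visible in argv: %s\n' "$c" "$(leaks "$($c)")"
done
```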