undefined | Better HN

0 pointssephicr8y ago0 comments

Yes, but the most secure thing to do at this point _is_ to recreate the bug and then set a password for the root user.

Otherwise the hole is still there for others to exploit.

0 comments

If you set a root password, this bug still works, it seems to reset the root password.

Edit: I was partly wrong. The bug still works if you disable root afterwards, then it reenables and resets it.

Yeah, you’re safe if you keep the foot account alive and you set a password for root. At least as far as I can tell...

j / k navigate · click thread line to collapse

0 pointssephicr8y ago0 comments

Yes, but the most secure thing to do at this point _is_ to recreate the bug and then set a password for the root user.

Otherwise the hole is still there for others to exploit.

If you set a root password, this bug still works, it seems to reset the root password.

Edit: I was partly wrong. The bug still works if you disable root afterwards, then it reenables and resets it.

Yeah, you’re safe if you keep the foot account alive and you set a password for root. At least as far as I can tell...

j / k navigate · click thread line to collapse