You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When installing from the ISO, the password for root is currently set to a known value and users often skip steps when installing the system.
Best practice prohibits logging in directly as the root user which is the default mode in the SIMP installation.
The original mechanism was put in place for convenience expecting users to change the values by following the documentation.
However, it is possible that this was not done by all users leaving a potential vulnerability on their systems if the default configuration is altered.
Proposed Resolution
The ISO installation should no longer set a root password at all. If users wish to set one, they can do so explicitly post-installation.
The text was updated successfully, but these errors were encountered:
Issue
When installing from the ISO, the password for
root
is currently set to a known value and users often skip steps when installing the system.Best practice prohibits logging in directly as the
root
user which is the default mode in the SIMP installation.The original mechanism was put in place for convenience expecting users to change the values by following the documentation.
However, it is possible that this was not done by all users leaving a potential vulnerability on their systems if the default configuration is altered.
Proposed Resolution
The ISO installation should no longer set a
root
password at all. If users wish to set one, they can do so explicitly post-installation.The text was updated successfully, but these errors were encountered: