diff options
| author | Paul Eggleton <paul.eggleton@microsoft.com> | 2022-04-21 18:40:35 -0700 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-04-25 15:22:12 +0100 |
| commit | ad8d1e6228ff7a2ebae2cd0137c55b1c987461ce (patch) | |
| tree | 22f691593d43e32f038da8497228afaa652e0264 /documentation | |
| parent | b80972f3adf89d09fc388c7a089a530f5e7508a8 (diff) | |
| download | poky-ad8d1e6228ff7a2ebae2cd0137c55b1c987461ce.tar.gz | |
ref-manual: add a note about hard-coded passwords
It seems prudent to point out that hard-coding passwords in the manner
detailed in the example is not a good idea in production. This type of
mistake has unfortunately been made by many device vendors (outside of
the Yocto Project context) leading to security vulnerabilities.
(From yocto-docs rev: 1d07dba9423ae0a841eccb58c297e31b63c3965d)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'documentation')
| -rw-r--r-- | documentation/ref-manual/classes.rst | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/documentation/ref-manual/classes.rst b/documentation/ref-manual/classes.rst index 6ba792d3f9..60423d8533 100644 --- a/documentation/ref-manual/classes.rst +++ b/documentation/ref-manual/classes.rst | |||
| @@ -576,6 +576,14 @@ Finally, here is an example that sets the root password:: | |||
| 576 | usermod -p '${PASSWD}' root; \ | 576 | usermod -p '${PASSWD}' root; \ |
| 577 | " | 577 | " |
| 578 | 578 | ||
| 579 | .. note:: | ||
| 580 | |||
| 581 | From a security perspective, hardcoding a default password is not | ||
| 582 | generally a good idea or even legal in some jurisdictions. It is | ||
| 583 | recommended that you do not do this if you are building a production | ||
| 584 | image. | ||
| 585 | |||
| 586 | |||
| 579 | .. _ref-classes-features_check: | 587 | .. _ref-classes-features_check: |
| 580 | 588 | ||
| 581 | ``features_check.bbclass`` | 589 | ``features_check.bbclass`` |