[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: root password is not stored in /etc/cipux/

Dear Petter Reinholdtsen,

On Tuesday 12 December 2006 09:57, you wrote:
> [Christian Kuelker]
> > pere suggest to use some cookie based method for avoid the storeage
> > of the root password in /etc/cipux.
> Here is a misunderstanding.  The problem to solve is the fact that the
> LDAP admin password is stored on disk.  The fact that it is the same
> as the system root password is a minor implementation detail. 

No that it not minor. Because that made it in clear text the same.

> Neither password should be stored on disk. 

Well in principal yes.

I would not store the (posix) root password on disk.  
I would store the database password, because to let this in
the hand of teachers is even more dangerous.

> I suspect the rest of your message 
> would be different if you base it on the fact that the problem is
> storing the LDAP admin password on disk, so I will skip commenting the
> rest of your email.

No I was aware that you know the difference. But I want to make it clear.

But why you store the cn=smbadmin in clear text on disk? Which is again the 
root password.


Reply to: