Re: Authorisation again. Security.

To: debian-russian@lists.debian.org
Cc: Anton Petrusevich <casus@bugs2k.com>
Subject: Re: Authorisation again. Security.
From: Anton Petrusevich <casus@bugs2k.com>
Date: Fri, 30 Nov 2001 09:59:18 -0600
Message-id: <[🔎] 20011130095917.A783@casus.tx>
Mail-followup-to: Anton Petrusevich <casus@bugs2k.com>, debian-russian@lists.debian.org
In-reply-to: <[🔎] 20011130092417.A13833@haunt>
References: <[🔎] 20011130045902.A8205@haunt> <[🔎] 00be01c17951$aef61800$ab101eac@lukoil.perm.su> <[🔎] 20011129223642.A3088@casus.tx> <[🔎] 20011130092417.A13833@haunt>

On Fri, Nov 30, 2001 at 09:24:17AM +0300, Ingvarr Zhmakin wrote:
> On Thu, Nov 29, 2001 at 10:36:42PM -0600, Anton Petrusevich wrote:
> > In fact, APOP and the weaker defined SASL mechanisms such as
> > CRAM-MD5 may potentially be even less secure than transmission of
> > plaintext passwords because of the requirement that plaintext
> > equivalents be stored on the server. 
> Тоже вопрос, в сущности... 
> Что проще -- поставить dsniff на пути или вытащить файл с паролями под
> правами 0600 (в сущности, фишка /etc/shadow тоже именно в правах, а не
> крипте, сколь я понимаю)? Правда, если раздает его сложная и
> непонятная махина типа ldap... 

Задай вопрос Solar Designer'у.
-- 
Anton Petrusevich

Reply to:

Follow-Ups:
- Re: Authorisation again. Security.
  - From: Ingvarr Zhmakin <ingvarr@mail.ru>

References:
- Authorisation again. Security.
  - From: Ingvarr Zhmakin <ingvarr@mail.ru>
- Re: Authorisation again. Security.
  - From: "Viktor Vislobokov" <vvislobokov@lukoilperm.ru>
- Re: Authorisation again. Security.
  - From: Anton Petrusevich <casus@bugs2k.com>
- Re: Authorisation again. Security.
  - From: Ingvarr Zhmakin <ingvarr@mail.ru>

Prev by Date: Re: Console (Text Based) widget set for Tcl
Next by Date: Re: Console (Text Based) widget set for Tcl
Previous by thread: Re: Authorisation again. Security.
Next by thread: Re: Authorisation again. Security.
Index(es):
- Date
- Thread