Re: Can I use hashed password for ldap_bind_pw in saslauthd.conf?

• Previous message: Igor Brezac: "Re: Can I use hashed password for ldap_bind_pw in saslauthd.conf?"
• Maybe in reply to: (no name): "Can I use hashed password for ldap_bind_pw in saslauthd.conf?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Thu, 2005-10-06 at 09:39 -0400, Raymond T. Sundland wrote:
> chmod 400 saslauthd.conf
>
> If someone has enough access to read the file at this point, they have
> enough access to modify your LDAP database files using the 'slapcat'
> and 'slapadd' commands, so any additional security of a hashed
> password would be useless.
>
> wrote:
> >
> > It's really a bad idea to use clear text..

Exactly, but if you're that worried about it, make a user in your LDAP
directory that can only auth and do nothing else.

Z

----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

• Previous message: Igor Brezac: "Re: Can I use hashed password for ldap_bind_pw in saslauthd.conf?"
• Maybe in reply to: (no name): "Can I use hashed password for ldap_bind_pw in saslauthd.conf?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]