[Devel] [ openser-Patches-1671713 ] openserctl setting to hide
plaintext passwords
SourceForge.net
noreply at sourceforge.net
Thu Mar 1 14:56:54 CET 2007
Patches item #1671713, was opened at 2007-03-01 14:56
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=743022&aid=1671713&group_id=139143
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: tools
Group: ver devel
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Hans Hoppe (hopha)
Assigned to: Nobody/Anonymous (nobody)
Summary: openserctl setting to hide plaintext passwords
Initial Comment:
The auth_db module provides the choice to use either precalculated HA1 strings stored in the database, or to generate them on the fly using plaintext passwords stored in the database.
The openserctl "add" and "passwd" commands calculate the HA1 strings and store both the HA1 strings and the plaintext password in the database. In case site policy disallows plaintext passwords stored in the database, these must be removed after using "openserctl add" or "openserctl passwd".
I've added a switch to openserctl / openserctlrc / openserctl.sqlbase to allow plaintext passwords to be omitted from the database.
(Patch against 20070224 cvs snapshot)
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=743022&aid=1671713&group_id=139143
More information about the Devel
mailing list