Re: [Gqclient-discuss] 0.7.0beta1 - Status
From: Peter S. <pe...@st...> - 2002-10-11 07:20:24
On Fri, 11 Oct 2002, Dave Horsfall wrote:
> Date: Fri, 11 Oct 2002 13:12:32 +1000 (EST)
> From: Dave Horsfall <da...@ci...>
> To: GC Client Discussion List <Gqc...@li...>
> Subject: Re: [Gqclient-discuss] 0.7.0beta1 - Status
>
> On Thu, 10 Oct 2002, Peter Stamfest wrote:
>
> > Thanks as well, you see, my keyboard is, well, funky. Some keys do have
> > their problems (you may find some ddouble-d-s [see] lately in my posts, as
> > well as s-problems, v-problems, ...) I am looking for a supply of those
> > old IBM keyboards you could use to kill somebody because of their weight.
> > NB: My keyboard is dated Dec-1994 with a (c) date of 1984!!!
>
> Yes, I know the keyboards you mean! A nice positive action, so you
> knew whether a key was pressed or not. Bit rough on the ears, though.
People are always impressed if we talk on the phone and I happen to type
away on the keyboard...
> Another suggestion: now that passwords are encoded, there's no need for
> that pop-up that asks "Do you want to store your bind password as
> clear text?".
No, this is not true. Passwords are encoded, not encrypted. I.e. they are
available in cleartext-equivalent form:
Thus if one really forgets a password (or gets hold of somebody else's .gq
file) one can always do the following:
Lookup bindpw and pw-encoding:
<bindpw>c2VjcmV0</bindpw>
<pw-encoding>Base64</pw-encoding>
In case of "Base64" (the only known encoding at this time):
echo c2VjcmV0 | mimencode -u # prints "secret"
(mimencode taken from the metamail package). The reason for this is that
to bind to an LDAP server we need the password in its original, cleartext,
form.
Encoding is done to prevent a casual observer of the password (eg. a
sysadmin digging around in backups, grepping around for something, a
co-worker casually looking on your screen when you have opened .gq in your
fav editor, whatever) from obtaining a password without actually wanting to.
This is similar to why basic authentication in HTTP encodes the password
as well - people sniffing around legally should not see passwords without
wanting to.
The reason for the existence of <pw-encoding> is the anticipation of a
possible "master password" used to encode/decode a <bindpw> using a
symmetric cipher. This would have to be entered immediately after program
start. OTOH: maybe it would be better to encrypt the entire .gq config
file then, as there is other sensitive information in there, like the
binddn, the hostname/LDAP URI and possibly others. But such a decision has
not yet been made.
BTW: What do people think about such an (optional) master-password?
peter
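An added example, not part of the post above or of the gq project: a small audit script that walks a .gq-style config, and for every <bindpw> whose <pw-encoding> is "Base64" shows that the stored value is cleartext-equivalent (recoverable without any key), while any other encoding is reported as not decodable. The <gqconfig>/<ldapserver>/<name> wrapper elements and the "MasterPassword" encoding label are assumptions made for the sample; only <bindpw> and <pw-encoding> come from the post.

```python
import base64
import binascii
import xml.etree.ElementTree as ET

# Constructed sample config. The surrounding <gqconfig>/<ldapserver>/<name>
# structure is assumed; <bindpw> and <pw-encoding> are the elements from the post.
# "MasterPassword" is a hypothetical encoding standing in for the proposed
# symmetric-cipher scheme, not something gq implements.
SAMPLE_GQ = """<gqconfig>
  <ldapserver>
    <name>example</name>
    <bindpw>c2VjcmV0</bindpw>
    <pw-encoding>Base64</pw-encoding>
  </ldapserver>
  <ldapserver>
    <name>future</name>
    <bindpw>ZGVlcGVy</bindpw>
    <pw-encoding>MasterPassword</pw-encoding>
  </ldapserver>
</gqconfig>
"""


def recover_bindpw(encoded, encoding):
    """Return the cleartext bindpw if the encoding needs no key, else None.

    Base64 is the only encoding the post names; anything else is treated as
    opaque, which is the situation a keyed cipher would create.
    """
    if encoding.strip().lower() == "base64":
        try:
            return base64.b64decode(encoded.strip(), validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            return None  # malformed value: not a valid Base64 string
    return None


def audit_gq_config(xml_text):
    """List each server's bindpw and whether it is cleartext-equivalent."""
    findings = []
    for server in ET.fromstring(xml_text).iter("ldapserver"):
        encoded = server.findtext("bindpw")
        if encoded is None:
            continue  # no stored password for this server
        encoding = server.findtext("pw-encoding", default="")
        cleartext = recover_bindpw(encoded, encoding)
        findings.append({"server": server.findtext("name", default="?"),
                         "encoding": encoding,
                         "recoverable": cleartext is not None,
                         "cleartext": cleartext})
    return findings
```

Running audit_gq_config on a real .gq file would flag every Base64 entry as a credential that backups and shoulder-surfers can read, which is the point of the post: encoding is obfuscation, not protection.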