Coda File System

Re: Coda authentification & LDAP

From: S. Cance <stephane.cance_at_enst-bretagne.fr>
Date: Fri, 09 Mar 2007 21:10:17 +0100
u+codalist-p4pg_at_chalmers.se wrote:
> Hi Stephane,
>
> On Fri, Mar 09, 2007 at 04:33:05PM +0100, S. Cance wrote:
>   
>> Thanks to your explanations, I can only think of one way to use LDAP and 
>> Coda and it would be to export LDAP users/passwords into coda database 
>> (via pdbtool) (the passwords would be hashed). Then before negociating 
>>     
>
> pdbtool does not do anything with passwords, they are kept in a separate
> file and handled separately.
>   
Oups, my bad, I will need to set up password with au or another tool. 
Anyway it can be done.
> Note that password hashes in LDAP are presumably widely accessible.
> If you put them into Coda password database, you open all Coda accounts
> to anyone who can read your hashes from LDAP.
>   
in fact, the current settings of the LDAP server makes it impossible to 
access the passwords field without being authenticated as the admin.
that is why this shouldn't be a problem. Anyway, I won't try to do a 
coda-ldap tool, it seems not wise.

-- 
stephane
Received on 2007-03-09 15:14:00