Date: Fri, 11 Oct 2002 09:21:53 +0200 From: Jorge Bianquetti de las Heras <jbianquetti@sadiel.es> To: Paulo Fragoso <paulo@nlink.com.br> Cc: freebsd-isp@freebsd.org Subject: Re: Some questions about LDAP Message-ID: <20021011092153.7f8040f5.jbianquetti@sadiel.es> In-Reply-To: <200210100805.48949.paulo@nlink.com.br> References: <200210100805.48949.paulo@nlink.com.br>
next in thread | previous in thread | raw e-mail | index | archive | help
>Is possible someone (hacker or root)
> logged into a client machine request all crypt passwords stored on LDAP
> server?
Yes, but you may configure slapd.conf to avoid this.
access to attrs=userPassword
by self write
by anonymous auth
by dn="cn=manager,o=XXX,c=ES" write
by dn="o=XXX,c=ES" write
by dn="Officer, o=XXX, c=ES" write
> What is the best way (security) to centralize our passwords for answer auth
> requests from a remote host using pam module?
>
Use SSL connections between clients and servers
> Thanks,
> Paulo.
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
--
Saludos, Jorge.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021011092153.7f8040f5.jbianquetti>