On 4/17/08, Eric Marden <[EMAIL PROTECTED]> wrote:
> >> P.S. - I'm not considering storing the salt in the DB as being
> >> properly secured. That's kind of like keeping the key to your house
> >> under the door mat. You can get in, if you know where to look.
> >
> The UNIX passwd database and LDAP userPassword attribute store the
> salt in plain sight with the password hash.
>
>
> There are ACLs protecting those assets.

There are no ACLs on the UNIX password database and even if there were
they wouldn't do any good if the hacker steals the database file(s)
(e.g. slapd dbm files).

> Still failing to see your point.

Clearly.

-- 
Michael B Allen
PHP Active Directory SPNEGO SSO
http://www.ioplex.com/
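Added example, not part of the original thread or written by any of its participants: a short Python sketch of the two storage formats mentioned above, showing that the salt is carried in the stored value itself and is read back out in order to verify a password. The sample password, salt bytes and crypt field are constructed for illustration, and the function names are hypothetical.

```python
import base64
import hashlib
import hmac

SHA1_LEN = 20  # an {SSHA} value is base64(SHA-1(password + salt) + salt)

def make_ssha(password: bytes, salt: bytes) -> str:
    """Build an LDAP userPassword value in the {SSHA} scheme."""
    digest = hashlib.sha1(password + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")

def split_ssha(value: str):
    """Return (digest, salt) recovered from a stored {SSHA} value."""
    scheme = "{SSHA}"
    if not value.upper().startswith(scheme):
        raise ValueError("not an {SSHA} value")
    raw = base64.b64decode(value[len(scheme):], validate=True)
    if len(raw) <= SHA1_LEN:
        raise ValueError("no salt after the 20-byte SHA-1 digest")
    return raw[:SHA1_LEN], raw[SHA1_LEN:]

def check_ssha(value: str, candidate: bytes) -> bool:
    """Verify a candidate password using the salt stored next to the hash."""
    digest, salt = split_ssha(value)
    return hmac.compare_digest(hashlib.sha1(candidate + salt).digest(), digest)

def split_crypt(field: str):
    """Return (scheme id, salt, hash) from a modular crypt field such as
    $6$salt$hash or $6$rounds=N$salt$hash."""
    parts = field.split("$")
    if len(parts) < 4 or parts[0] != "":
        raise ValueError("not a modular crypt value")
    return parts[1], parts[-2], parts[-1]

if __name__ == "__main__":
    # Constructed sample data: same password, two different salts.
    a = make_ssha(b"correct horse", b"\x01\x02\x03\x04")
    b = make_ssha(b"correct horse", b"\xaa\xbb\xcc\xdd")
    print(a != b, split_ssha(a)[1].hex(), check_ssha(a, b"correct horse"))
    # Constructed crypt field; the hash part is a placeholder, not a real hash.
    print(split_crypt("$6$Zx3kQp9s$PLACEHOLDERHASH"))
```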
