Issue #792 has been updated by Clément OUDOT. Status changed from Assigned to Feedback Target version changed from 2.2 to Not planned
As we can do Kerberos, I think this issue can be closed, agree? ---------------------------------------- Feature #792: password in lsc.xml can only be clear text http://tools.lsc-project.org/issues/792 Author: Christian Iuga Status: Feedback Priority: Normal Assigned to: Clément OUDOT Category: Core Target version: Not planned Hi, To improve the security, it's will be good to have the possiblity to set encrypted password on the lsc.xml As i have read this mail archive : " https://www.mail-archive.com/[email protected]/msg01553.html " The password should be in clear in lsc.xml, but you have to restrict the access to this file to the lsc program. Sorry to say that, but i don't want to trust on my linux server policy : Actually as it's not possible to set a encrypted password so all people with root permission where it's running the LSC (can) known critical password of ldap "administrator" of ALL providers For me it's a important security issue -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-dev mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-dev
