Hi Frank,
ownCloud updates the encrypted key, which is used to encrypt the files, every-time a user or admin changes the password. So password change is possible. But this only works for local accounts at the moment and doesn´t work with ldap users because we don´t get notification if a password is changed remotely. The only solution to solve this is to store the password locally and compare it with the ldap login password at the moment the user logs in and update the encrypted key. This would be a huge security problem obviously.Because of that encryption and ldap are both switched off by default currently. We don´t recommend that admins turn on both at the same time because of the reason you just mentioned. I will add a warning to the code about that. Sorry for the trouble. We try to improve the encryption significantly in the next version and we hope to find a solution for ldap users.
OK, but I don't understand, why you use the user's password as the key. In the encryption module of Drupal, for example, you have to enter the encryption key in the admin menu, and it is stored in the database. Other systems are using a hidden file for the key. But the user password is really a bad idea, IMO
Dirk
smime.p7s
Description: S/MIME Kryptografische Unterschrift
_______________________________________________ Owncloud mailing list [email protected] https://mail.kde.org/mailman/listinfo/owncloud
