On Sep 5, 2006, at 9:27 AM, Peter Cushing wrote:
What about Vassilis' other point that if you know where the encrypted version of the password is stored, you can save your own encrypted version over it? Sounds like a good hack but I'm sure it must have been thought of before. Just wondering what is there to stop this happening.
Again, you're assuming that you have full write privileges on the server. If you're at that point, all bets are off.
I'm assuming that you're talking about someone from the *outside* trying to hack their way in. If this is someone with root privileges on the server, well, of course they can do whatever they want.
-- Ed Leafe -- http://leafe.com -- http://dabodev.com _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
