I would recommend your security department to instead of focusing on Linux/SSSD to take a look at Windows/lsass - Windows is caching user credentials as well and it's not a problem for them? O.
-----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Thursday, August 09, 2018 11:51 AM To: [email protected] Subject: [SSSD-users] SSSD cache security Hello! We are deploying SSSD for authentication with an LDAP backend, and we are getting pushback from our Security colleagues about using SSSD to cache user credentials.. I would like to have some documentation to show them how this cache is kept secure...where can I find information to support this? Thanks! K. _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected]/message/3TDNX6UVAB3TT25UHVJPT2NRDOJLO4EM/ ----- The information contained in this e-mail and in any attachments is confidential and is designated solely for the attention of the intended recipient(s). If you are not an intended recipient, you must not use, disclose, copy, distribute or retain this e-mail or any part thereof. If you have received this e-mail in error, please notify the sender by return e-mail and delete all copies of this e-mail from your computer system(s). Please direct any additional queries to: [email protected]. Thank You. Silicon and Software Systems Limited (S3 Group). Registered in Ireland no. 378073. Registered Office: South County Business Park, Leopardstown, Dublin 18. _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected]/message/VR6G6WPG2XHSZCCKQDEN5WQL3VFPBIPN/
