Bob Doolittle wrote: > David Markey wrote: >> Thanks Bob, >> >> As far as i can see from the internal sun script each users smart card >> ID's are queryable anonymously via LDAP(This is how the username is >> mapped to the smartcard ID in AMGH). Are there security risks attached >> to smart card ID's being queryable via anonymous LDAP? >> > > Any publicly accessible data poses some degree of security risk, it's > a question of how much exposure you're willing to tolerate. > > From an SRSS point of view, with 4.1 the smartcard id itself doesn't > pose a security risk if the default RHA feature is not disabled - a > user must authenticate to Solaris in order to access a session. > > Within Sun, we allow anonymous queries of smartcard IDs and usernames. > > -Bob > > > _______________________________________________ > SunRay-Users mailing list > [email protected] > http://www.filibeto.org/mailman/listinfo/sunray-users If it's good enough for you guys its good enough for us.
Thanks. _______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users
