Not to mention I have to stress that this is no different from running free-radius in a non pfSense environment. Your real beef is with the freeradius authors, not us.
Scott On 8/5/05, Bill Marquette <[EMAIL PROTECTED]> wrote: > On 8/5/05, Paul Taylor <[EMAIL PROTECTED]> wrote: > > Bill, > > > > Well, yes, I realize that base64encoding doesn't provide much in the > > way of security... But it's better than the data being completely in the > > clear... I have some encryption/decryption code around here somewhere that > > could probably be used, but of course the key would have to be in the code, > > where it could be seen, so even that doesn't provide great security... > > And I disagree. base64encoding provides zero security. Obscuring the > data is no excuse for real protection. If we can protect it the right > way (a one way hash), we will. Anything less than a one-way hash > means it's reversible, passwords shouldn't be reversible in any way > shape or form - I'd rather have glaring plaintext passwords reminding > me to do something about them than something that at first glance > passes muster. I'll personally back out any commit that does a > half-ass job at it (not that I expect anyone to make such a commit). > > Don't hand out your config.xml and you'll be fine. > > --Bill > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
