SYSKEY2. Request For Comments
Luke Kenneth Casson Leighton
lkcl at samba.org
Tue Feb 8 16:52:02 GMT 2000
On Tue, 8 Feb 2000, Cole, Timothy D. wrote:
> > -----Original Message-----
> > From: Luke Kenneth Casson Leighton [SMTP:lkcl at samba.org]
> > Sent: Friday, February 04, 2000 15:40
> > To: Multiple recipients of list SAMBA-NTDOM
> > Subject: Re: SYSKEY2. Request For Comments
> >
> > phil, this isn't about root being trusted or untrusted. it's about making
> > sure that only root can decode a password stored in a location in a
> > publicly accessible file.
> >
> From a mathematical standpoint, you can't guarantee that. The real
> solution is not to put the password in a publicly accessible file.
for ldap, mysql, nis+ and other future systems, that's not possible, tim,
unless the remote protocol supports the concept of "public" and
"not-public" and "secure" and "in-the-clear" over-the-wire.
which none of them do, and we're _still_ going to be using them.
More information about the samba-ntdom
mailing list