[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Password display problem with ldapmodify (ITS#363)

To: openldap-its@OpenLDAP.org
Subject: Re: Password display problem with ldapmodify (ITS#363)
From: kurt@boolean.net
Date: Wed, 17 Nov 1999 17:28:39 GMT

David J N Begley wrote:
> 
> On Wed, 17 Nov 1999, kurt@boolean.net wrote:
> 
> > At 07:14 AM 11/15/99 GMT, richarde@eskom.co.za wrote:
> > >Full_Name: Richard Ellerbrock
> [...]
> > >in unix speak). Well, doing a ps -ef allows anybody to see the password during
> > >the update process. Have the development team thought of modifying the process
> > >display to blank out the password. I have seen other applications do this -
> > >MySQL is one of them.
> >
> > Thanks for the suggestion.  We'll put this into the queue.
> 
> Sendmail is another such application that can modify its appearance in the
> process table;  problem is, not all platforms support this capability (eg.,
> SunOS 4.x does, SunOS 5.x doesn't) which means you'd still need some other
> method to "protect" other platforms...

A number of applications within OpenLDAP use setproctitle() (when it's
supported by the underlying OS).  We need to use it in more sitituations.

Kurt

-- 
Kurt D. Zeilenga <kurt@boolean.net>
Net Boolean Incorporated <http://www.boolean.net/>

Prev by Date: Re: Password display problem with ldapmodify (ITS#363)
Next by Date: Re: slapd crash report (ITS#357)
Index(es):
- Chronological
- Thread