[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authenticating with blank passwords

To: Emmanuel Dreyfus <manu@netbsd.org>
Subject: Re: Authenticating with blank passwords
From: Howard Chu <hyc@symas.com>
Date: Sun, 08 Jan 2006 21:49:41 -0800
Cc: Max Williams <max.williams@paradise.net.nz>, openldap-software@OpenLDAP.org
In-reply-to: <1h8vwoi.dg65rx11oyurfM%manu@netbsd.org>
References: <1h8vwoi.dg65rx11oyurfM%manu@netbsd.org>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20051221 SeaMonkey/1.5a Mnenhy/0.7.3.0

Emmanuel Dreyfus wrote:

Max Williams <max.williams@paradise.net.nz> wrote:
Does anyone know a work around or some way of allowing clients to authenticate with blank passwords?
Write a shell backend that only do the authentication?

That won't work; Binds with empty password are processed by the frontend.

You'll just have to hack the existing code in bind.c to allow what you want. From a security perspective, what you want is an extremely bad idea. I don't think you'll convince anybody to make it a standard feature.

--
 -- Howard Chu
 Chief Architect, Symas Corp.  http://www.symas.com
 Director, Highland Sun        http://highlandsun.com/hyc
 OpenLDAP Core Team            http://www.openldap.org/project/

Follow-Ups:
- Re: Authenticating with blank passwords
  - From: matthew sporleder <msporleder@gmail.com>

References:
- Re: Authenticating with blank passwords
  - From: manu@netbsd.org (Emmanuel Dreyfus)

Prev by Date: Re: Authenticating with blank passwords
Next by Date: the last version of Berkeley DB
Index(es):
- Chronological
- Thread