[Date Prev][Date Next]
Re: pam_password exop
On Wed, Sep 12, 2012 at 04:59:36PM +0200, firstname.lastname@example.org wrote:
> Does this mean that the password is sent clear to the ldap server then
> hashed over there ? It looks like a huge security flaw ...
The benefit is that slapd decides on the hash, password policies can
be enforced, you can generate both Unix and NT hashes at the same time...
But it seems it assumes you use TLS or local socket.