Subject: [netatalk-admins] Netatalk Security
From: Vicki Brown (vlb@deltagen.com)
Date: Wed Aug 11 1999 - 16:26:23 EDT
I'm trying to build netatalk-1.4b2+asun2.1.1 for RedHat Linux (MkLinux).
It has failed to find des.h.
The only docus I found on DES were these from README.ASUN:
i've added Randnum and 2-Way Randnum support. part of the code is
compliments of<shirsch@ibm.net>. as afp doesn't do the
fallback thing in case of failure, Randnum and 2-Way Randnum
are only available via afpd.conf. To get them to work, each
user must have a ~/.passwd file (not read-/writeable by anyone
else) with a password. this is a potential security problem as
root can read the password. this may be compensated, to some
extent, by the fact that your password never goes onto the wire
when mounting a volume.
NOTE: you will need to get a copy of the des library if you
don't already have one for this option to work. i got mine
from <ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz>
I have little interest whatsoever in users needing a ~/.passwd file; I
think that's silly. Especially in cleartext as I have no idea at this time
what the user's passwords are...
Someone please tell me why I should possibly want this when I have a
perfectly valid (er, encrypted) /etc/passwd file at hand?
Do I _need_ this (~/.passwd) in order to allow changing passwords via the
dialog? In order to not use cleartext passwords in the Chooser dialog.
Does anyone have pointers to more useful information or has someone
installed on RedHat AND has password changing AND has non-clear-text
passwords (afpd.conf works for you?)
-----
//=\ Vicki Brown <vlb@deltagen.com>
\=// Journeyman Sourcerer: Scripts & Philtres
//=\
\=// Scientific Programming <> Perl, Unix, Mac
//=\ A little Web gardening on the weekends
\=//
//=\ Deltagen, Inc; 1031 Bing St, San Carlos, CA 94070
This archive was generated by hypermail 2b28 : Sat Dec 18 1999 - 16:17:03 EST