-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/26/2011 05:51 AM, Sumit Bose wrote:
On Tue, Jan 25, 2011 at 02:55:05PM -0500, Stephen Gallagher wrote:
On 01/25/2011 11:17 AM, Sumit Bose wrote:
>>> On Tue, Jan 25, 2011 at 11:09:09AM -0500, Stephen Gallagher wrote:
>>> On 01/25/2011 10:59 AM, Jeff Schroeder wrote:
>>>>>> Why don't you make sssd also complain on startup about this
option?
>>>>>>
>>>
>>> I'm trying not to be TOO obnoxious about it. I figured that not having
>>> it mentioned in the documentation and not visible to the SSSDConfig API
>>> would be sufficient.
>>>
>>> But if you feel strongly about it, it's not too hard to add.
>>>
>>>
>>>> I would also support the idea of some kind of warning message to prevent
>>>> that someone accidentally use the "debugging" configuration in
>>>> production. But instead of a message at startup I would prefer a syslog
>>>> message every time a password is sent unencrypted.
New patch with annoying syslog message attached.
> I have to admit this patch is working as expected, I can clearly see my
> password on the wire.
> ACK
After weighing the pros and cons, I decided to push this patch as-is.
The option is present and undocumented in 1.5.1.
- --
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org/
iEYEARECAAYFAk1CuuQACgkQeiVVYja6o6MgcACbBSoSWwCJbPUuptLktc8Elqes
C8EAoJVnNlNDIY/WcaJGtr/kWZh8xgQP
=cANW
-----END PGP SIGNATURE-----