[dev] [patch] Re: [cvs] commit: framework/Auth/Auth ldap.php horde/config conf.xml horde/docs CHANGES
Jan Schneider
jan at horde.org
Thu Jun 2 01:40:22 PDT 2005
Zitat von Roel Gloudemans <roel at gloudemans.info>:
>>> Security wise you this should be required. If an administrator should
>>> forget to set it, all passwords would be stored e.g. in cleartext (the
>>> obvious default value if not set) in the directory, without the admin
>>> realizing it.
>>
>> Agreed, but that is why we set a non-cleartext default value. (md5-hex
>> is currently the default)
>
> Indeed, if encryption is not set, getCrypted assumes a default value.
> Patch attached.
Committed, thanks.
Jan.
--
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/
More information about the dev
mailing list