
c2c-oerpscenario team mailing list archive

Re: [Bug 738721] Re: base_crypt and users_ldap don't work together


>
> Exactly. You're illustrating the second point in previous comment. You
> say encrypted password make you more confident giving full access to
> third-party people. That's fallacious reasoning: why aren't you worried
> about the rest of the database? You should be.
> Unix passwords are encrypted by default. Do you go and give root access
> to everyone because it's safe: they can't steal passwords? I don't.


And oh you do yes...

OK, let's take the use case you mentioned:
user X lost his password.
So you suggest that admin Y read user X's password inside the database to give
X his password back, right?
Remember, this was your #1 hammer argument to defend the no-encryption
choice...

Aren't you here encouraging someone to look at the database and possibly rip
users' passwords?

Now take my suggestion: the password in the database is encrypted and the only
solution is to generate a new one from the OpenERP admin (or by code
eventually).
The message this actually sends is rather "don't even try to look in the
database, it won't help you, do it the other way." (and even if you look at
the database, at least you won't steal anybody's password).

And yet you still think your "no encryption by default" approach is the one
that offers the best security, while encryption is the dangerous policy that
encourages granting access rights blindly?

My 0.02 R$

-- 
You received this bug notification because you are a member of C2C
OERPScenario, which is subscribed to the OpenERP Project Group.
https://bugs.launchpad.net/bugs/738721

Title:
  base_crypt and users_ldap don't work together

Status in OpenERP Modules (addons):
  Confirmed

Bug description:
  I installed and configured users_ldap so that all of my users can login using their credentials stored in OpenLDAP, which worked fine. Then I installed base_crypt (with the intention of all other passwords in the db, for non-LDAP users like 'admin', being encrypted). However, this prevents all LDAP users from logging in.
  I suppose that base_crypt tries to authenticate the user and if this fails, login fails, without users_ldap trying to authenticate. I think this behaviour should be changed towards:
   1. Check whether the user can login using the (possibly encrypted) password in the database.
   2. If not, check whether the user can login using the LDAP password.
   3. If not, refuse access.
  Right now, the second step seems to be omitted when base_crypt is used.
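The three-step login order proposed in the bug description, together with the reset-instead-of-read recovery flow argued for in the reply above, as an added example. This is not OpenERP's code nor the base_crypt or users_ldap modules: the user table is a constructed in-memory dict, the stored hash format (PBKDF2-HMAC-SHA256 with a random salt) is an assumption standing in for base_crypt's crypt-style hashes, and the LDAP simple bind is simulated by a constructed in-memory directory rather than a real OpenLDAP server. `login_as_reported` reproduces the failure in the report (local check fails closed, LDAP never consulted); `login_proposed` implements steps 1-3.

```python
import hashlib
import hmac
import os
import secrets
from typing import Callable, Dict, Optional

# Assumed hash format for the local password column (not base_crypt's actual
# format): "pbkdf2$<iterations>$<salt_hex>$<hash_hex>".
PBKDF2_ITERATIONS = 100_000


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Derive a salted hash suitable for storing in the database."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2${PBKDF2_ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: Optional[str]) -> bool:
    """Step 1: check the candidate against the stored hash; an empty or
    malformed stored value never authenticates."""
    if not stored:
        return False
    try:
        scheme, iterations, salt_hex, hash_hex = stored.split("$")
    except ValueError:
        return False
    if scheme != "pbkdf2":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), hash_hex)


def make_ldap_bind(directory: Dict[str, str]) -> Callable[[str, str], bool]:
    """Constructed stand-in for an LDAP simple bind (uid, password) -> bool.
    A real users_ldap would bind against OpenLDAP; here `directory` is an
    in-memory uid -> password map used only for this example."""
    def bind(uid: str, password: str) -> bool:
        # An empty password would be an anonymous bind on a real server,
        # which must never count as a successful user login.
        if not password or uid not in directory:
            return False
        return hmac.compare_digest(directory[uid].encode(), password.encode())
    return bind


def login_as_reported(users: Dict[str, dict], username: str, password: str) -> Optional[str]:
    """Behaviour described in the bug: only the local hash is checked and a
    miss refuses access, so LDAP-only users can never log in."""
    user = users.get(username)
    if user is None or not verify_password(password, user.get("password_hash")):
        return None
    return "db"


def login_proposed(users: Dict[str, dict], ldap_bind: Callable[[str, str], bool],
                   username: str, password: str) -> Optional[str]:
    """Proposed order: 1) local hash, 2) LDAP bind, 3) refuse.
    Returns which backend accepted the login, or None."""
    user = users.get(username)
    if user is None or not password:
        return None
    if verify_password(password, user.get("password_hash")):          # step 1
        return "db"
    if user.get("ldap") and ldap_bind(username, password):            # step 2
        return "ldap"
    return None                                                       # step 3


def reset_password(users: Dict[str, dict], username: str) -> str:
    """Recovery flow from the reply: the admin never reads the old password
    (only a hash is stored); a fresh random one is generated and hashed."""
    new_password = secrets.token_urlsafe(12)
    users[username]["password_hash"] = hash_password(new_password)
    return new_password


# Constructed sample data: a local 'admin' account and an LDAP-only user.
USERS = {
    "admin": {"password_hash": hash_password("admin-local-secret"), "ldap": False},
    "alice": {"password_hash": None, "ldap": True},
}
LDAP_BIND = make_ldap_bind({"alice": "alice-ldap-secret"})

if __name__ == "__main__":
    print("reported:", login_as_reported(USERS, "alice", "alice-ldap-secret"))   # None
    print("proposed:", login_proposed(USERS, LDAP_BIND, "alice", "alice-ldap-secret"))  # ldap
```

Two details matter for the security of the fallback: step 2 runs only for accounts flagged as LDAP-provisioned, so a local-only account such as 'admin' cannot be reached through the directory, and an empty password is refused before either backend sees it, because an empty simple bind is an anonymous bind on most LDAP servers and would otherwise look like success.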
