Are you intending to somehow prevent these passwords from being identical? I'm sure
that your users believe they have more important things to do other than tracking that
many unique passwords.
It's not going to improve security if they keep their passwords on a sticky note on
their laptop.
Josh
--
Joshua Ellsworth
Senior Systems Administrator, Primatics Financial
Phone: 571.765.7528
jellsworth(a)primaticsfinancial.com
Steve & Rich:
I prefer different passwords because of security concerns: If a user (with both IMAP and
SSH access) hacks his/her mail password into a comprimised box (keylogger, for instance,
internet café…), then the expected damage would be limited to the mail account only. If
the same password works for SSH also, then it's possible to screw up all files of that
user; worse even, if there is some rights-elevation bug around at the time - then the
entire box might be at risk.
Getting a second set of userpassword attributes then either would require me to run a
second instance, or I would have to resort to the likes of sasldb for the mail side of
things…
Would there be a way to patch some schema file with an extra password attribute
("mailuserpassword")? I have absolutely no clue about schema writing though… is
there something you can recommend me to read (book, website, …) on this topic?
Cheers,
Ray
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users