Added a comment: Passwords in PrivData

author: https://www.google.com/accounts/o8/id?id=AItOawkgUir7k_amh9RFp4D3QutX1fGh_nd7ko4 <Philipp@web> 2014-12-13 18:25:23 +0000
committer: admin <admin@branchable.com> 2014-12-13 18:25:23 +0000
commit: c164e48096c89d82dc6fedf4ef16f0b2fa69fc1b (patch)
tree: 4cc0dfc792c286eef07b00ee7325a28807562298 /doc/security
parent: 9d06d2f835143c308bc409b7dc737c4292d9bc72 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/doc/security/comment_7_ebbb6f3617c879715a35900a07ea1909._comment b/doc/security/comment_7_ebbb6f3617c879715a35900a07ea1909._comment
new file mode 100644
index 00000000..e9d20642
--- /dev/null
+++ b/doc/security/comment_7_ebbb6f3617c879715a35900a07ea1909._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="https://www.google.com/accounts/o8/id?id=AItOawkgUir7k_amh9RFp4D3QutX1fGh_nd7ko4"
+ nickname="Philipp"
+ subject="Passwords in PrivData"
+ date="2014-12-13T18:25:23Z"
+ content="""
+I wonder if there could be a shortcut in PrivData handling that hashes the input with crypt() instead of passing it raw to a machine. For instance passwords are stored in plain on the target machines, while this is not required to set the password in shadow: the hash would suffice. I think this page should at least spell out that fact.
+"""]]
author	https://www.google.com/accounts/o8/id?id=AItOawkgUir7k_amh9RFp4D3QutX1fGh_nd7ko4 <Philipp@web>	2014-12-13 18:25:23 +0000
committer	admin <admin@branchable.com>	2014-12-13 18:25:23 +0000
commit	c164e48096c89d82dc6fedf4ef16f0b2fa69fc1b (patch)
tree	4cc0dfc792c286eef07b00ee7325a28807562298 /doc/security
parent	9d06d2f835143c308bc409b7dc737c4292d9bc72 (diff)