Why does CyrusSasl store plaintext passwords in its databases?
--------------------------------------------------------------
To operate with the CRAM-MD5 and DIGEST-MD5 mechanisms, Cyrus SASL
stores plaintext versions of the passwords in its secret database (an
AuxpropPlugin).
This is generally regarded as insecure practice, but the alternative is
not much better. For CRAM-MD5 and DIGEST-MD5 to function, the server must
hold a plaintext equivalent of the password locally in order to verify
the hash that actually goes across the wire. Thus, if these equivalents
were compromised, an attacker would trivially have access to any account
on the system.
Note that for DIGEST-MD5 this isn't strictly true: the stored hash that
DIGEST-MD5 can use is bound to the realm for which the password applies,
so a compromise of it is limited to that realm. This is a questionable
security gain, however, given the increased management hassles (such
realm-bound equivalents can't be shared between mechanisms) that it
causes.
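To make the mechanics concrete, the following added example (not code from Cyrus SASL) shows why both mechanisms need a stored equivalent of the password, and how the DIGEST-MD5 equivalent is bound to a realm. The CRAM-MD5 values are the test vector from RFC 2195; the DIGEST-MD5 nonces, realms and URI are constructed.

```python
import hashlib
import hmac

# CRAM-MD5 test vector from RFC 2195 (user "tim").
USER = "tim"
PASSWORD = "tanstaaftanstaaf"
CHALLENGE = b"<1896.697170952@postoffice.reston.mci.net>"

def cram_md5_response(password, challenge):
    """Client side of CRAM-MD5 (RFC 2195): HMAC-MD5 keyed with the
    plaintext password over the server challenge, hex-encoded."""
    return hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()

def cram_md5_verify(stored_password, challenge, response):
    """Server side: the only way to check the response is to recompute it,
    which needs the plaintext password (or an equivalent HMAC key) on disk.
    That key is valid for every service and realm the user has."""
    expected = cram_md5_response(stored_password, challenge)
    return hmac.compare_digest(expected, response)

def digest_md5_secret(user, realm, password):
    """DIGEST-MD5 (RFC 2831) lets the server store only
    H(user:realm:password); this equivalent is bound to a single realm."""
    return hashlib.md5(f"{user}:{realm}:{password}".encode()).digest()

def digest_md5_response(secret, nonce, cnonce, nc, digest_uri):
    """response-value for qop=auth, computed from the stored secret. The
    client computes the same value starting from the plaintext password."""
    ha1 = hashlib.md5(secret + f":{nonce}:{cnonce}".encode()).hexdigest()
    ha2 = hashlib.md5(f"AUTHENTICATE:{digest_uri}".encode()).hexdigest()
    return hashlib.md5(
        f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}".encode()).hexdigest()

def realm_bound_check():
    """Returns (verifies_in_own_realm, verifies_in_other_realm): a stolen
    secret for one realm yields the same password's response only there.
    Constructed nonces and realms, not real data."""
    nonce, cnonce, nc = "OA6MG9tEQGm2hh", "OA6MHXh6VqTrRk", "00000001"
    uri = "imap/mail.example.com"
    client = digest_md5_response(
        digest_md5_secret(USER, "example.com", PASSWORD), nonce, cnonce, nc, uri)
    own = digest_md5_response(
        digest_md5_secret(USER, "example.com", PASSWORD), nonce, cnonce, nc, uri)
    other = digest_md5_response(
        digest_md5_secret(USER, "other.example.net", PASSWORD), nonce, cnonce, nc, uri)
    return hmac.compare_digest(client, own), hmac.compare_digest(client, other)
```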