On 11.10.22 18:04, John Tulp wrote:
in mitigating such risk, why not go for the "low hanging fruit" by
simply not storing passwords on disk in clear text?  unless there is
some reason why clear text passwords actually have to be written to
disk.

Authentication schemes like CRAM-MD5 require the server to have the plaintext password *available* for / prior to the authentication (it is therefore usually called a "shared secret" instead).

Before you ask, one benefit from using such schemes is that the password does not have to go through the wire, not even inside encryption (that a MitM may or may not be able to crack), so it's not a clear all-out FAIL to use those.

Whether the password is still in cleartext *when written to / read from disk* is another question, but that would be a negligible defense against someone who rooted your server.

Kind regards,
--
Jochen Bern
Systemingenieur

Binect GmbH
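To make the point about CRAM-MD5 concrete, here is an added example (not code from the thread or from any of its participants) of the challenge/response exchange from RFC 2195 with both sides in one script: the client keys an HMAC-MD5 with the secret, so only base64 blobs cross the wire, but the server can only recompute and compare that digest if its user store holds the same plaintext secret; a store that kept just a hash of the password cannot verify the response. The user name, secret and host name are constructed sample values.

```python
import base64
import hashlib
import hmac
import secrets
import time

# Constructed sample credentials; they are not from the thread.
USER = "alice"
SHARED_SECRET = "correct horse battery staple"

def make_challenge(host: str = "mail.example.invalid") -> bytes:
    """Server side: a fresh RFC 2195 style challenge '<random.timestamp@host>'."""
    return f"<{secrets.randbits(64)}.{int(time.time())}@{host}>".encode()

def cram_md5_digest(secret: str, challenge: bytes) -> str:
    """HMAC-MD5 over the challenge, keyed with the *plaintext* shared secret."""
    return hmac.new(secret.encode(), challenge, hashlib.md5).hexdigest()

def client_response(user: str, secret: str, challenge_b64: bytes) -> bytes:
    """Client side: answer with base64('user <hexdigest>'); the secret itself never leaves the client."""
    challenge = base64.b64decode(challenge_b64)
    return base64.b64encode(f"{user} {cram_md5_digest(secret, challenge)}".encode())

def server_verify(user_db: dict, challenge: bytes, response_b64: bytes) -> bool:
    """Server side: recompute the digest from the stored secret; only works if user_db holds the plaintext."""
    try:
        user, digest = base64.b64decode(response_b64).decode().split(" ", 1)
    except ValueError:
        return False
    secret = user_db.get(user)
    if secret is None:
        return False
    return hmac.compare_digest(cram_md5_digest(secret, challenge), digest)

def run_exchange(user_db: dict, user: str, secret: str) -> bool:
    """One full challenge/response round trip; only base64 blobs cross the 'wire'."""
    challenge = make_challenge()
    response = client_response(user, secret, base64.b64encode(challenge))
    return server_verify(user_db, challenge, response)

def demo() -> dict:
    """Correct secret, wrong secret, and a server that stored only a SHA-256 hash."""
    plaintext_db = {USER: SHARED_SECRET}
    hashed_db = {USER: hashlib.sha256(SHARED_SECRET.encode()).hexdigest()}
    return {
        "correct": run_exchange(plaintext_db, USER, SHARED_SECRET),
        "wrong_secret": run_exchange(plaintext_db, USER, "not the secret"),
        "hashed_store": run_exchange(hashed_db, USER, SHARED_SECRET),
    }
```

The `hashed_store` case is the one the reply describes: the server has no way to derive the HMAC key from a password hash, so the only storage options are the plaintext or an equivalent precomputed MD5 state, which an attacker with root on the box can read just as easily.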
