Re: Multi-user Password Manager
> From: [EMAIL PROTECTED] > > > Should each user have access to his/her own passwords, and > > nothing else? > > > Which user can change which password(s)? > > > > The security model can be something like 'john belongs to pay_group, > > so he can read and maybe write (if group administrator) passwords of > > pay_group'. > [...] > > I agree, but in an heterogenous environment (windows, linuxes & macs) > > which I'm in, it's helpfull :) > > This screams LDAP to me. Delegate management of certain portions and > attributes of your tree to whomever should manage them via ACLs. Wrap your > choice of LDAP management around this and you have what you want. That's right. Because nothing should ever be simple...
Re: Multi-user Password Manager
It sounds like you want to be using OpenLDAP (http:// www.openldap.org/). Instead of using groups for delegation, use OUs. It's probably not going to be a small project, though. On Apr 12, 2006, at 8:40 AM, Bruno Carnazzi wrote: 2006/4/12, Joachim Schipper <[EMAIL PROTECTED]>: On Wed, Apr 12, 2006 at 05:20:31PM +0400, Bruno Carnazzi wrote: Hi misc, I'm looking for an open-source software solution for a multi-user password management. Ideally, it's a webapp running on OpenBSD, allowing multiple user, each can only see a subpart of the password database (ACL or things like that). I've found a lots of such project on sf.net but only for single user... Somebody got an idea ? Actually, I don't even know what you want to achieve. Should each user have access to his/her own passwords, and nothing else? Which user can change which password(s)? The security model can be something like 'john belongs to pay_group, so he can read and maybe write (if group administrator) passwords of pay_group'. This software: http://www.sowsoft.com/password-manager.htm seems to do the trick but I'd prefer an open-source solution, of course... I have a feeling some parts of Horde could be used to make do, but it will be hackish. And still a webapp - not my first choice for storing critical information. I agree, but in an heterogenous environment (windows, linuxes & macs) which I'm in, it's helpfull :) Joachim Thank you for reply, Bruno.
Re: Multi-user Password Manager
On 2006/04/12 19:40, Bruno Carnazzi wrote: > The security model can be something like 'john belongs to pay_group, > so he can read and maybe write (if group administrator) passwords of > pay_group'. ldap could do this. login_ldap is in ports, you might need to write some easy-to-use CGI scripts for people (or you may find an existing ldap admin utility is sufficient).
Re: Multi-user Password Manager
From: [EMAIL PROTECTED] > > Should each user have access to his/her own passwords, and > nothing else? > > Which user can change which password(s)? > > The security model can be something like 'john belongs to pay_group, > so he can read and maybe write (if group administrator) passwords of > pay_group'. [...] > I agree, but in an heterogenous environment (windows, linuxes & macs) > which I'm in, it's helpfull :) This screams LDAP to me. Delegate management of certain portions and attributes of your tree to whomever should manage them via ACLs. Wrap your choice of LDAP management around this and you have what you want. DS
Re: Multi-user Password Manager
2006/4/12, Joachim Schipper <[EMAIL PROTECTED]>: > On Wed, Apr 12, 2006 at 05:20:31PM +0400, Bruno Carnazzi wrote: > >Hi misc, > > > > I'm looking for an open-source software solution for a multi-user > > password management. Ideally, it's a webapp running on OpenBSD, > > allowing multiple user, each can only see a subpart of the password > > database (ACL or things like that). I've found a lots of such project > > on sf.net but only for single user... Somebody got an idea ? > > Actually, I don't even know what you want to achieve. > > Should each user have access to his/her own passwords, and nothing else? > Which user can change which password(s)? The security model can be something like 'john belongs to pay_group, so he can read and maybe write (if group administrator) passwords of pay_group'. This software: http://www.sowsoft.com/password-manager.htm seems to do the trick but I'd prefer an open-source solution, of course... > > I have a feeling some parts of Horde could be used to make do, but it > will be hackish. And still a webapp - not my first choice for storing > critical information. I agree, but in an heterogenous environment (windows, linuxes & macs) which I'm in, it's helpfull :) > > Joachim > > Thank you for reply, Bruno.
Re: Multi-user Password Manager
On Wed, Apr 12, 2006 at 05:20:31PM +0400, Bruno Carnazzi wrote: >Hi misc, > > I'm looking for an open-source software solution for a multi-user > password management. Ideally, it's a webapp running on OpenBSD, > allowing multiple user, each can only see a subpart of the password > database (ACL or things like that). I've found a lots of such project > on sf.net but only for single user... Somebody got an idea ? Actually, I don't even know what you want to achieve. Should each user have access to his/her own passwords, and nothing else? Which user can change which password(s)? I have a feeling some parts of Horde could be used to make do, but it will be hackish. And still a webapp - not my first choice for storing critical information. Joachim
Multi-user Password Manager
Hi misc, I'm looking for an open-source software solution for a multi-user password management. Ideally, it's a webapp running on OpenBSD, allowing multiple user, each can only see a subpart of the password database (ACL or things like that). I've found a lots of such project on sf.net but only for single user... Somebody got an idea ? Thank you, Bruno.
