[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Hiding all copies of your PPP password



On Tue, 8 Dec 1998, Omer Zak wrote:

> 
> Then the "personal vault" contents will be created from template files, which
> have placeholders for the user's password.
> When the connection is well-established, the "personal vault" will be
> made to disappear.
You can set it as an environment variable, so only the user can change it.
Moreover, you'll be able to check whether that user has already set the
password from the same shell before, and don't prompt for the password.
If you want to make things a bit more difficult, xor it with something, or
shift one bit. It won't make it impossible to break, but at least the user
won't see his cleartext password when he issues setenv.

If you need information about mounting loop devices/creating filesystems
on files, or other things concerning filesystems you can ask me.

Liran.
---
http://www.math.tau.ac.il/~liranz/