[TYPO3-50-general] permission system plans
werner mueller
werner.mueller at mimacom.ch
Thu Apr 5 13:10:29 CEST 2007
Martin Kutschker schrieb:
> werner mueller schrieb:
>> Martin Kutschker schrieb:
>>
>>> werner mueller schrieb:
>>>
>>>>
>>>> due to different md5 implementations
>>>
>>>
>>> Sorry to hop in, but what do you mean with that? How can the MD5
>>> digest algorithm be implemented differently?
>>>
>>> Masi
>>
>>
>> short version: i have no no idea.
>>
>> since its some hash code the vocabulary of letters used to represent
>> the hash may be differently chosen? java hash codes for example
>> contain a lot of 'weird' characters and need to be base64 encoded in
>> order to cross-platform them. they compare to nothing but java.
>
> Then it cannot be a md5 hash. There are many other hash functions (eg
> the also pouplar sha1, etc) for various uses.
>
> Masi
well this will be true. never made any investigations.
what i had in mind was authenticate mail, ftp, other things with typo3
accounts. postfix uses crypt, pureftpd supports md5, courier again
crypt, hopefully the same as postfix and mysql.
at the end of the day the only common method seemed to be cleartext. not
the perfect solution. no question. requires encryption of all
connections all over... the created password hashes in the logged
queries where different all over. and sync typo3 with an ldap structure
aint that funny too.
the cheapest way of living keeping configs at a reasonable level are
plain passwords. well: my opinion. (not happy with it)
More information about the TYPO3-project-5_0-general
mailing list