[TYPO3-50-general] permission system plans

werner mueller werner.mueller at mimacom.ch
Thu Apr 5 13:10:29 CEST 2007

Martin Kutschker schrieb:
> werner mueller schrieb:
>> Martin Kutschker schrieb:
>>> werner mueller schrieb:
>>>> due to different md5 implementations
>>> Sorry to hop in, but what do you mean with that? How can the MD5 
>>> digest algorithm be implemented differently?
>>> Masi
>> short version: i have no no idea.
>> since its some hash code the vocabulary of letters used to represent 
>> the hash may be differently chosen? java hash codes for example 
>> contain a lot of 'weird' characters and need to be base64 encoded in 
>> order to cross-platform them. they compare to nothing but java.
> Then it cannot be a md5 hash. There are many other hash functions (eg 
> the also pouplar sha1, etc) for various uses.
> Masi

well this will be true. never made any investigations.

what i had in mind was authenticate mail, ftp, other things with typo3 
accounts. postfix uses crypt, pureftpd supports md5, courier again 
crypt, hopefully the same as postfix and mysql.

at the end of the day the only common method seemed to be cleartext. not 
the perfect solution. no question. requires encryption of all 
connections all over... the created password hashes in the logged 
queries where different all over. and sync typo3 with an ldap structure 
aint that funny too.

the cheapest way of living keeping configs at a reasonable level are 
plain passwords. well: my opinion. (not happy with it)

More information about the TYPO3-project-5_0-general mailing list