Quote:
Originally Posted by kovidgoyal
You are syncing default passwords, sow hat earthly difference does it make?
|
I can't follow you.. what default passwords do u mean?
You proposed to sync LDAP Users to calibre DB for what I had to know the users passwords. I said I don't know them, so I can't do such a sync.
Because of that and the fact, that the passwords really are saved in cleartext(!!) in the sqlite DB (just verified by looking at the calibre userdb right now) I only would use a few technical users with passwords I nowhere else use just for this one and only purpose.
Using critical passwords in a system which stores them in cleartext is very risky and insecure!