Steve Langasek wrote:
> If the user's account is local, nss should be resolving it before ever touching LDAP. If it's remote, provisions should be in place to ensure the LDAP server's availability. Either way, I only see this security bug happening on a misconfigured system.
Why should there be provisions in place to ensure the LDAP server's availability? For one thing, the LDAP server can come back any time if it is just a network timeout. The other point to consider is security: If the user wants to have his data protected, he does mean it. From a design perspective it is not a good idea to say, "I will protect your data whenever I feel like it, i.e. I have no objections".
One has to weigh security of data during network hiccups against a probable misconfiguration of the system: IMHO not being able to unlock a workstation for a short period of time is not that severe compared to not locking the workstation when the system is misconfigured. If the user has been locked out from his data in the latter case, the misconfiguration simply has to be resolved.
Thanks for reconsidering,
Thomas
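The misconfiguration Steve describes (a local account whose lookup reaches LDAP because `files` is not consulted first) can be caught by inspecting nsswitch.conf ordering. The following checker is an added example, not code from this thread or from any PAM/NSS project; the two nsswitch.conf fragments are constructed samples.

```python
import re

# Constructed sample nsswitch.conf contents (not taken from the thread).
GOOD_NSSWITCH = """\
# local files are consulted first, LDAP only for accounts not found locally
passwd: files ldap
group:  files ldap
shadow: files ldap
"""

BAD_NSSWITCH = """\
# LDAP is consulted first (or exclusively): even local users depend on the server
passwd: ldap files
group:  ldap files
shadow: ldap [NOTFOUND=return]
"""


def parse_nsswitch(text):
    """Return {database: [source, ...]} from nsswitch.conf text.

    Comments are dropped and action specifications such as [NOTFOUND=return]
    are ignored, since only the order of the sources matters here.
    """
    dbs = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or ":" not in line:
            continue
        db, rest = line.split(":", 1)
        sources = [tok for tok in rest.split() if not tok.startswith("[")]
        dbs[db.strip()] = sources
    return dbs


def ldap_before_files(sources):
    """True when an LDAP lookup happens before (or instead of) the local files source."""
    if "ldap" not in sources:
        return False
    if "files" not in sources:
        return True
    return sources.index("ldap") < sources.index("files")


def check_nsswitch(text, databases=("passwd", "group", "shadow")):
    """Map each account database present in the config to whether it is misordered."""
    dbs = parse_nsswitch(text)
    return {db: ldap_before_files(dbs[db]) for db in databases if db in dbs}
```

A `True` entry means a local account in that database cannot be resolved while the LDAP server is unreachable, which is the situation in which the screen-unlock failure discussed above would also hit local users.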