cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
- From: Jérôme BERTHIER <Jerome.Berthier AT inria.fr>
- To: cat-users AT lists.geant.org
- Subject: [[cat-users]] CAT Linux script
- Date: Fri, 22 Dec 2017 14:17:58 +0100
- Organization: Inria DSI
Hi,
I'm testing CAT in order to promote its usage among our users.
I have a question about the script for Linux distribution.
Correct me if I'm wrong but this script set up a new connection profile globally for the system.
By doing this, it stores the user password as plain text in a text file.
* network profile (including the username) : /etc/sysconfig/network-scripts/ifcfg-eduroam
* password stored in a text file (owned by root with perm 600) : /etc/sysconfig/network-scripts/keys-eduroam
Storing plain text password is not very good (even limited to the user root).
This seems to be the normal behavior of NetworkManager when it create a system wide profile :
https://wiki.gnome.org/Projects/NetworkManager/Admins
Is there any way under CAT admin to limit the scope of the client and profile to the user session under it is installed (and so using the password storage manager) ?
Regards,
--
Jérôme BERTHIER
DSI - SESI - Equipe Conception
Inria Bordeaux - Sud-Ouest
+ 33 5 24 57 40 50
Attachment:
smime.p7s
Description: Signature cryptographique S/MIME
- [[cat-users]] CAT Linux script, Jérôme BERTHIER, 12/22/2017
- Re: [[cat-users]] CAT Linux script, Tomasz Wolniewicz, 12/27/2017
Archive powered by MHonArc 2.6.19.