[Cosmo-dev] adding password retrieval to cmp

Vinubalaji Gopal vinu at osafoundation.org
Sat Aug 19 20:27:12 PDT 2006


On Fri, 2006-08-18 at 17:05 -0700, Brian Moseley wrote:

> Well, you could imagine somebody extracting an encrypted password and
> then using a dictionary attack to try to find a match. Of course,
> they'd have to be an admin (or find a bug in our authn/authz
> mechanisms) to get the password in the first place, so they would have
> access to the user's data anyway. So maybe it's a non-issue.

Well, we could provide a command-line utility to do that, but that would
move the security to the operating-system access level. But if the
cracker does get access as an operating-system superuser even now, he
can just get a copy of Cosmo, figure out a way to dump the data and
do any kind of brute-force attack.

If we are really paranoid about security, we need not provide the web
interface, but I would say that we can have a secure way to handle
this. I really did not see a use case for just getting the users in
Cosmo, but since Jared has pointed out a valid use case, I would give a +1
for the backup, including/excluding user account details based on valid
use cases.

I know a lot of web-based routers (including the one I worked on at my
previous company) do provide backup/restore functionality, and I
would say that there needs to be a compromise between ease of use and going
really paranoid about security.
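
The attack the thread is weighing (an attacker who has obtained the stored password verifiers, whether from a web-based backup export or from a copy of the machine, and runs a dictionary attack against them offline) is shown below as an added example. It is not code from this thread or from Cosmo; the user names, passwords, wordlist and PBKDF2 iteration count are all constructed for the demo. It contrasts an unsalted fast hash, where one table of hashed guesses covers every account and reused passwords are visible before a single guess, with a per-user salted, iterated hash, where the same dump still falls to weak passwords but every guess must be recomputed for every user.

```python
# Added example for this thread; not Cosmo code. Models an attacker who has
# obtained a dump of stored password verifiers (via a backup export or a disk
# copy) and runs a dictionary attack against it offline.
import hashlib
import os
from typing import Dict, List, Tuple

# Constructed sample data, not real accounts or a real wordlist.
WORDLIST: List[str] = ["letmein", "password", "cosmo", "calendar2006", "hunter2"]
USERS: List[Tuple[str, str]] = [
    ("alice", "letmein"),
    ("bob", "letmein"),          # same weak password as alice
    ("carol", "Xq9!vT#2pL"),     # not in the wordlist
]

PBKDF2_ITERATIONS = 1000  # assumed value for the demo; real deployments use far more


def md5_unsalted(password: str) -> str:
    """Unsalted fast hash: the weak storage format the attack exploits."""
    return hashlib.md5(password.encode()).hexdigest()


def pbkdf2_salted(password: str, salt: bytes, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Per-user salt plus iterated hash: forces per-user work on the attacker."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations).hex()


def build_unsalted_dump(users: List[Tuple[str, str]]) -> Dict[str, str]:
    """What an unsalted password table looks like once exported."""
    return {name: md5_unsalted(pw) for name, pw in users}


def build_salted_dump(users: List[Tuple[str, str]]) -> Dict[str, Tuple[bytes, str]]:
    """Salted table: the salt is stored next to the digest, so the attacker gets it too."""
    dump: Dict[str, Tuple[bytes, str]] = {}
    for name, pw in users:
        salt = os.urandom(8)
        dump[name] = (salt, pbkdf2_salted(pw, salt))
    return dump


def reused_passwords(dump: Dict[str, str]) -> List[List[str]]:
    """Unsalted digests leak password reuse before a single guess is made."""
    by_digest: Dict[str, List[str]] = {}
    for name, digest in dump.items():
        by_digest.setdefault(digest, []).append(name)
    return [sorted(names) for names in by_digest.values() if len(names) > 1]


def crack_unsalted(dump: Dict[str, str], wordlist: List[str]) -> Tuple[Dict[str, str], int]:
    """Hash each candidate once; one lookup table covers every user.
    Returns (recovered passwords, number of hash computations)."""
    table = {md5_unsalted(word): word for word in wordlist}
    recovered = {name: table[digest] for name, digest in dump.items() if digest in table}
    return recovered, len(wordlist)


def crack_salted(dump: Dict[str, Tuple[bytes, str]], wordlist: List[str]) -> Tuple[Dict[str, str], int]:
    """The salt is in the dump, so the attack still works, but every candidate
    must be re-hashed for every user. No early exit here, so the returned count
    is the worst case: len(wordlist) * len(dump) PBKDF2 computations."""
    recovered: Dict[str, str] = {}
    computations = 0
    for name, (salt, digest) in dump.items():
        for word in wordlist:
            computations += 1
            if pbkdf2_salted(word, salt) == digest:
                recovered[name] = word
    return recovered, computations


def run_demo() -> Dict[str, object]:
    """Run both attacks over the constructed data and return the comparison."""
    unsalted = build_unsalted_dump(USERS)
    salted = build_salted_dump(USERS)
    u_found, u_work = crack_unsalted(unsalted, WORDLIST)
    s_found, s_work = crack_salted(salted, WORDLIST)
    return {
        "unsalted_recovered": u_found,
        "unsalted_hash_ops": u_work,
        "reuse_groups": reused_passwords(unsalted),
        "salted_recovered": s_found,
        "salted_hash_ops": s_work,
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

Both dumps give up alice's and bob's passwords, so exporting verifiers is never free; the difference is that the unsalted dump costs the attacker one hash per guess for the whole user base and reveals that alice and bob share a password, while the salted, iterated dump costs one slow hash per guess per user. That is the gap between "the hashes are out, so everything is lost" and "only users with dictionary passwords are exposed, and each one costs the attacker a separate run", which is the kind of compromise the message above argues for.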
