Horde and PGP options

Gunnar Wrobel wrobel at pardus.de
Wed Mar 17 22:52:11 CET 2010


Hi Albrecht,

Quoting Albrecht Dreß <albrecht.dress at lios-tech.com>:

> Hi all,
>
> I just gave the Horde PGP feature a try, on my self-compiled Kolab  
> 2.2.3 on a Ubuntu x86_64 box.  As I migrated the system from an  
> "old" Kolab 2.2.0 server, I still use the Horde LDAP backend for its  
> config storage.
>
> I noticed that the PGP public and private keys are stored in LDAP.   
> However, an anonymous list (run "ldapsearch -LLL -x uid=xxxx" from  
> the console) reports all impPrefs values, including the PGP keys!   
> Needless to say that this is not the best idea IMHO...

Yup. Using PGP in a webmailer is in general discouraged. There is  
currently no way to get this really secure. But of course the point  
you mention is extremely problematic.

>
> My question:
> Is it possible to limit the access to impPrefs as it is done for  
> userPassword, or will this break anything?

I think it should be possible. The only thing that might not be hidden  
could be the ingoPrefs. I would have to test that to be certain though.

Cheers,

Gunnar

>
> Thanks,
> Albrecht.
>
> _______________________________________________
> Kolab-users mailing list
> Kolab-users at kolab.org
> https://kolab.org/mailman/listinfo/kolab-users
>



-- 
______ http://kdab.com _______________ http://kolab-konsortium.com _

p at rdus Kolab work is funded in part by KDAB and the Kolab Konsortium

____ http://www.pardus.de _________________ http://gunnarwrobel.de _
E-mail : p at rdus.de                                 Dr. Gunnar Wrobel
Tel.   : +49 700 6245 0000                          Bundesstrasse 29
Fax    : +49 721 1513 52322                          D-20146 Hamburg
--------------------------------------------------------------------
    >> Mail at ease - Rent a kolab groupware server at p at rdus <<
--------------------------------------------------------------------





More information about the users mailing list