[ previous ] [ next ] [ threads ]
 From:  Manuel Kasper <mk at neon1 dot net>
 To:  me at blaue0 dot net
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] [Security]: Dyndns Password
 Date:  Sat, 07 Aug 2004 20:02:54 +0200
On 07.08.2004 18:39 +0200, ChristianGüdel wrote:

> I've opened it, just to see if it's working, and then I saw my
> dyndns password in clear text in the configuration.

This is a deliberate design decision, and the same goes for
PPPoE/PPTP client passwords. We could of course use some snake oil
encryption on that password, but that would only create a false sense
of security. By leaving it in plaintext, it is made very clear that
config.xml deserves to be stored in a secure location (or encrypted
with one of the countless programs out there).

> It's not very important, but I think it would be more secure if it's
> encryptet, maybe an md5 hash or something like that.

It's not that easy. Since the DynDNS client has to present the
password to the dyndns.org server in plaintext, it ultimately needs
access to the plaintext password. Since we cannot prompt the user for
a password each time the DynDNS name needs to be updated, any
encryption we apply to it can be reversed by anyone with access to
the m0n0wall sources - i.e. everybody. Hashes like MD5 cannot be used
where the plaintext password is needed at a later stage, unlike for
the system password, which is only stored as a hash.

- Manuel