Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
is it possible to use ldapmodify to set a single users password to never expire?
for example I have a system user that causes the system to fail if the password expires so I need to make it never expire while all the other user password do expire.
so here is what I did created a second password policy and then modified the Manager user to use the new policy rather than the default policy. see http://www.zytrax.com/books/ldap/ch6/ppolicy.html for the details.
Yes. usually. Depends on the system, the OS, etc (usually it's something like putting the pwdMaxAge value to 0 so it never expires . But this if for OpenLDAP itself, it's not necessarilly the same attribute that your target system/OS uses for its own password expiration dates : maybe those are stored elsewhere in ldap for that system/OS...
Related
Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 days ago.
Improve this question
I'm building a web app with firebase (fire storage, functions, hosting).
The location of the project is eur3.
I will not use google analytics. I will not use google fonts.
Do I have to inform the user that I'm using firebase?
Is user data sent to the US (or US Google servers) even though my project location is eur3?
Does firebase set cookies through the iframe on the user device with unique identifiers?
if yes, is that identifier used to track the user elsewhere?
I want to set one cookie to check if the user visits for the first time. Do I have to inform the user?
Is there a flowchart by google to make my web app EU ready?
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 months ago.
Improve this question
Currently google single sign-on gives your real email address to everyone. Instead it could give each party a different identifier for you, such that these third parties wouldn't be able to correlate your data.
Moreover spam could be more easily identified and stopped. Google could manage a fleet of "salted" email addresses for each user, tracking which third parties send spam. Signin/gmail synergy.
My question: Does this exist already? Why does this not already exist? Do any other auth vendors do this?
Followup: Why is my email address even used as my primary id? I'd rather keep it private.
Your email is not used as a primary identifier at least not by Google. When a website such as Airbnb does an open ID connect dance with Google, Google replies with a unique identifier to Airbnb. That identifier does not mean anything to Airbnb as to what your email first name last name are. What also happens is that Airbnb can ask Google for your email and that is how they end up having your email.
Note that Apple have a privacy preserving mechanism where instead of returning your real email address they will return an Apple email address that points to your email. That gives you one level of indirection and more privacy.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 8 years ago.
Improve this question
I want to register a domain name in order to do political activism. I want to hide my personal information from being displayed. For that I'm considering registering a provide domain from a website like godaddy.com
My question: how safe is that? Can anyone access the private personal information of the owner of the domain?
According to arin your contact information will be availble in customer records but not to Whois users. If somebody gets access to the customer records then they can access your contact information. Whether this can happen depends on service provider policies and also dpends on the laws of the country where your service provider is situated.
You can use privacyprotect.org
for free to hide your contact information. read on the link for more info on how it works and how safe it is.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Actually My network administrator blocked the www.yahoomail.com in my office. But i need to access it to read some important mails. Is there any possibilities?
I tried it by some third party website. After entering login credentials (username and password). I got an error "This page requires that you have Javascript enabled on your browser."
But it is already enabled in my browser.
Can anyone help me?
Although you have way to access Yahoomail but I think you should just ask Admin or your teamleader or PM to allow you to use Yahoomail at work.
If you get caught while trying to connect Yahoomail without permision, its gotta be worse :)
You can try to install TOR -> https://www.torproject.org/
It sends your requests over some proxies and so it should help to reached the blocked site.
One of the most commonly used method is to use Proxy server specially the russians one
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
I write a phrase and please you say your point of view about it:
For my web site,If My Server Is Secure(Server Admin warranty that) and I prevent XSS and Sql Injenction attack,Is my web site secure?
(please leave your answer with reference)
Thanks
Edit 1 ::
every of above items + Cross-site request forgery
Firstly, don't expect to obtain a "secure" end state as if it's an absolute position - you can't. Software security is about reducing risk and you won't ever reach a position of no risk.
There are many, many other risks you've missed: broken authentication and session management, insecure direct object references, security misconfiguration, insecure cryptographic storage, failure to restrict URL access, insufficient transport layer protection and unvalidated redirects and forwards to name a few. These are all out of the OWASP Top 10 and I suggest you start with these.
Make sure you understand:
The risk
How it's exploited
How you can protect against it
If you'd like to see all this in the context of ASP.NET have a read through the OWASP Top 10 for .NET developers series.
And thee are risks beyond these top 10 too, they're just the most common ones in web apps.
No. There are other attack methods. For example, http://en.wikipedia.org/wiki/Cross-site_request_forgery