10 Replies Latest reply: May 10, 2012 12:13 AM by MadMacs0
tarwinator Level 1 Level 1 (0 points)

I was debugging a MBP (10.7.3) that would not allow network users to login, when I've stumbled over a log line on the client:

Screen Shot 2012-02-06 at 5.01.08 PM.png

 

The last parameter "passwordAsUTF8String" containes the password of the user I've tried to login in plain text. Huh?

 

I've tried it on another Mac as well, same result: The login of a normal network user writes this log line as his homedir gets mounted.

This poses a security risk. We have some users who are local admins, they could ask another user to login on their Mac and look for the password afterwards. Extration in single user mode would be possible as well.

 

Is this a "speciality" of our environment or is this a known bug? Can I turn this behavior off?

We are running Lion clients with a SL Server and using OpenDirectory.

 

Thanks,

Tarwin


Mac OS X Server, Mac OS X (10.7.3), Open Directory, Network User