Freeradius sql module usage
Alan DeKok
aland at deployingradius.com
Tue Jul 23 19:01:06 UTC 2024
On Jul 23, 2024, at 10:38 AM, Dave Funk <dbfunk at engineering.uiowa.edu> wrote:
>
> On Tue, 23 Jul 2024, Alan DeKok wrote:
>>
>> "I have a checklist" is not a convincing argument.
>
> It prevents idiots from pushing their code to a GitHub project, thus publishing their credentials to the world.
I see checklists as useful for some things, but they have to be actionable. "Don't put passwords on disk" is for me not very actionable.
Any ad-hoc checklist to stop bad behaviours should also have a documented better method. Otherwise people just invent other, worse, work-arounds.
> Anybody who has to deal with the new US DOD/DOE NIST-800-171 CUI requirements understands the pain of dealing with seemingly senseless restrictions.
I've seen very large / national "security" organizations publish insecure recommendations. So yeah, I can see there being some confusing, crazy and outright wrong recommendations from them.
Alan DeKok.
More information about the Freeradius-Users
mailing list