Re: [Exim] Security Considerations (AUTH + shadow)

Top Page
Delete this message
Reply to this message
Author: Nigel Metheringham
Date:  
To: Lukasz Grochal
CC: exim-users
Subject: Re: [Exim] Security Considerations (AUTH + shadow)
lgrochal@??? said:
> Still - this is not the way, I believe. I'd rather use PAM to do the
> authentication.


PAM doesn't help - it has no more privileges to read shadow than any
other process or library. [Actually some implementations have a setuid
shadow password checker, *but* they only work for checking the password
of the user associated with the calling UID).

    Nigel.
-- 
[ - Opinions expressed are personal and may not be shared by VData - ]
[ Nigel Metheringham                  Nigel.Metheringham@??? ]
[ Phone: +44 1423 850000                         Fax +44 1423 858866 ]