Re: [Exim] Security Considerations (AUTH + shadow)

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Nigel Metheringham
Data:  
Para: Lukasz Grochal
CC: exim-users
Assunto: Re: [Exim] Security Considerations (AUTH + shadow)
lgrochal@??? said:
> Still - this is not the way, I believe. I'd rather use PAM to do the
> authentication.


PAM doesn't help - it has no more privileges to read shadow than any
other process or library. [Actually some implementations have a setuid
shadow password checker, *but* they only work for checking the password
of the user associated with the calling UID).

    Nigel.
-- 
[ - Opinions expressed are personal and may not be shared by VData - ]
[ Nigel Metheringham                  Nigel.Metheringham@??? ]
[ Phone: +44 1423 850000                         Fax +44 1423 858866 ]