Re: [Exim] Security Considerations (AUTH + shadow)

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Lukasz Grochal
Data:  
Para: exim-users
Asunto: Re: [Exim] Security Considerations (AUTH + shadow)
Phil Pennock <Phil.Pennock@???> writes:

> I forget the name, but search the mailing-list archives - it was
> something like "pam_file", I think.


It's called pam_pwdfile and full setup could look like:

auth            required        pam_pwdfile.so  pwdfile /etc/some_file
account         required        pam_permit.so


Still, it requires /etc/some_file to be readable by exim user (group).
But the authenticator entries get very ellegant this way ;)
Additionally - you can use the same pam setup for POP3 authentication
making it totally independant from shell account passwords. More than
that, this doesn't require shell accounts at all - just mailboxes
and corresponding password file entries.

--
(-) Łukasz Grochal