[Exim] Debian/Linux/SASL/PAM/SMTP AUTH

Top Pagina
Delete this message
Reply to this message
Auteur: Jeremy Blawn
Datum:  
Aan: exim-users
Onderwerp: [Exim] Debian/Linux/SASL/PAM/SMTP AUTH
Hello,

I have recently been pursuing a fix for the "bug"
which isn't a bug in PAM (exim must run as root to
allow SMTP Authentication through /etc/shadow).

I had emailed off to some package maintainers within
the Debian GNU/Linux Project and got an interesting
email back concerning this "bug":

"/sbin/unix_chkpwd only works for checking your own
user info. I.E. only for screen savers etc. You
should make exim setgid shadow and things should work
fine. But really, you should consider using SASL with
some reasonable mechanism. PAM is not intended for
network authentication.

The behavior you report is not a bug."

Ok, now that we have 1 quick fix, and 1 more involved
fix.. the question is.. HOW TO IMPLEMENT SASL WITH
EXIM? (sorry for the caps) =)

And can SASL be used for an authentication
mechanism/proxy to PAM or directly authenticate to
/etc/shadow?

If anyone can shed more light on this matter I would
appreciate it. Running exim as root is scary, running
any process as root is deadly =)

Thanks.

- Jeremy Blawn


__________________________________________________
Terrorist Attacks on U.S. - How can you help?
Donate cash, emergency relief information
http://dailynews.yahoo.com/fc/US/Emergency_Information/