[Quoting fixed, could you please stop makling fullquotes]
On Sun, Mar 30, 2003 at 09:54:15AM -0800, Josh Siegel wrote:
> Hanasaki JiJi wrote:
>>Andreas Metzler wrote:
[pam_unix needs superuser permissions]
>>> You can work around this issue either by mirroring the passwords in
>>> another file that is accesible for mail:mail and use an lsearch lookup
>>> or you can try pam_exim.
>>searching for pam_exim brings up the following link.. following it leads
>>nowhere... not very encouraging for code that is going to be an
>>authentication module.
>>http://freshmeat.net/projects/pamexim/
http://www.e-admin.de/pam_exim/ was working when I last checked - less
than a month ago. :-(
>>anythoughts on an enhancement something like this:
>> a new exim_auth program that runs as root
>> exim is still rws of root
>> exim spawns exim_auth at startup
>> exim permanantly changes its runid to
>> the id set in the make file
>> also... how about the ability to set the id/group
>> in the exim.conf file?
>> AND
>> a new compile time option to support courier imap
>> running courier imap-ssl + exim + maildir
>> courier already has an authdeamon
This functionality is basically already in there using
condition=${run}..., and it is very easy to use the check_user example
shipped in the source code of PAM for this example.
server_condition = "${run {/usr/lib/exim4/check_user $2 $3} {1}{0}}"
*But* passing along sensitive information (the password) as argument
to a command is something you don't want to do. - Anybody can see it,
using "ps auxw". So don't do that on a (not SE- or similar) Linux
system with user accounts.
>Take a look at:
> http://www.stormbirds.org/authcheck.cxx
The warning above applies to this one, too.
cu andreas