[exim] Re: SMTP Authentication out of the box

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Andreas Metzler
Date:  
À: exim-users
Sujet: [exim] Re: SMTP Authentication out of the box
David Woodhouse <dwmw2@???> wrote:
> On Thu, 2004-12-16 at 16:26 +0000, Ron McKeating wrote:
>> Not sure why anyone would want to bother to set up the sasl authd when
>> pam comes with fedora and works out of the box with minimal config.
>> There is no need for pam_exim any longer.


> For users whose password is in /etc/shadow? What am I missing?


Quote from Wiki:
| Also I have exim run as group exim this group needs read access on

|
| /etc/shadow


Ron how do you propose to do this?

* <chmod a+r /etc/shadow>? Ouch, why did I choose shadow-passwords in
the first place?
* <chgrp exim /etc/shadow> This will break vlock, chage, and other
SGID shadow stuff.
* Run exim under group shadow? Does not sound to good to me either,
exim/user group should be unprivileged ones to contain damage in
case of compromise.

                cu andreas
-- 
"See, I told you they'd listen to Reason," [SPOILER] Svfurlr fnlf,
fuhggvat qbja gur juveyvat tha.
Neal Stephenson in "Snow Crash"
                                           http://downhill.aus.cc/