On Wed, Dec 06, 2006, Stanislaw Halik wrote:
>> login:
>> driver = plaintext
>> public_name = LOGIN
>> server_prompts = Username:: : Password::
>> server_condition = "${if <these are on one line, split by e-mail only>
>> crypteq{$2}{${lookup{$1:2}lsearch{/etc/passwd}{$value}fail}}{yes}{no}}"
>> server_set_id = $1
> By the way, what if an attacker specifies an unknown user with a
> password of "fail"? I'm suspecting you'd turn into an open relay.
Please disregard that. It's a forced expansion failure.
--
Unix stuff :: http://tehran.lain.pl
Yet Another RBL :: http://rbl.lain.pl