|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: SASL for fun and profit
From: Ari Gordon-Schlosberg (regs
nebcorp.com)Date: Tue May 16 2000 - 16:12:48 CDT
- Next message: Tony Arcus: "Distribution"
- Previous message: Wietse Venema: "Re: SASL for fun and profit"
- In reply to: Wietse Venema: "Re: SASL for fun and profit"
- Next in thread: Wietse Venema: "Re: SASL for fun and profit"
- Reply: Ari Gordon-Schlosberg: "Re: SASL for fun and profit"
- Reply: Wietse Venema: "Re: SASL for fun and profit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[Wietse Venema <wietseporcupine.org>]
> > (5) When using verbose logging (f.i. with $debug_peer_list) the password
> > is written to the logs in clear text. Not a huge security issue,
> > but still.
>
> That can't change. The verbose log is for debugging. Having
> to run gdb on the running process is too intrusive.
Perhaps there should be a warning about this in the SASL documentation.
-- Ari there is no spoon ------------------------------------------------------------------------- http://www.nebcorp.com/~regs/pgp for PGP public key
- Next message: Tony Arcus: "Distribution"
- Previous message: Wietse Venema: "Re: SASL for fun and profit"
- In reply to: Wietse Venema: "Re: SASL for fun and profit"
- Next in thread: Wietse Venema: "Re: SASL for fun and profit"
- Reply: Ari Gordon-Schlosberg: "Re: SASL for fun and profit"
- Reply: Wietse Venema: "Re: SASL for fun and profit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]