Subject: Re: SMTP Auth
From: Lutz Jaenicke (Lutz.Jaenicke aet.TU-Cottbus.DE)
Date: Tue Aug 22 2000 - 05:40:05 CDT
- Next message: Luc Pardon: "Re: Fixing a bounce, and how to hide internal info"
- Previous message: Ronald F. Guilmette: "Re: Fixing a bounce, and how to hide internal info"
- In reply to: Ronald F. Guilmette: "Re: SMTP Auth"
- Next in thread: Lawrence Greenfield: "Re: SMTP Auth"
- Reply: Lutz Jaenicke: "Re: SMTP Auth"
On Tue, Aug 22, 2000 at 03:03:36AM -0700, Ronald F. Guilmette wrote:
> I insist on people calling me by my correct name if/when they are
> taking issue with anything I have written.
>
> It's Ron. The name is Ron.
Ok, ok, don't ask me how this was triggered. I saw it only seconds
after sending the mail out :-)
> >On Mon, Aug 21, 2000 at 02:10:50PM -0700, Ronald F. Guilmette wrote:
> >There is also the non-standard "LOGIN" method which you will need for
> >Outlook Express.
>
> Are you sure that you need that for Outlook Express??
>
> I got the impression that maybe only some really OLD and antiquated versions
> of Outlook needed that method.
I don't have a perfect overview of Outlook versions, but as far as I understood,
even quite new versions need LOGIN. When I installed SASL the first time
(when the snapshot was released) LOGIN was needed for OE 5.5(?).
> Very true. The passwords are kept as plain text (I think) in sasldb.db,
> thus making that file a VERY sensitive file that you DO NOT want people
> to get copies of.
That does mean that whenever some compromise might happen, people won't
even have to run crack...
> >Hence, your advice to make /etc/sasldb world-readable is a really bad
> >advice!
> Not on *my* system it isn't, because on *my* system, I am the ONLY user
> who ever gets anywhere near a shell prompt.
>
> So in my case, I can afford to be looser about some things.
>
> But yes, if you have a system that many people have shell accounts on,
> then making sasldb.db world readable would be an EXTRAORDINARILY bad idea.
Well, yes. But Wietse works really hard to realize several levels of protection
just in case. So if anybody can compromise daemon on your system he will be
able to steal a really bad part.
> If the system in question has only one ``shell'' user, then you can start
> to be really rather sloppy about how various files are protected... In
> effect the whole UNIX system degenerates down to the equivalent of a single
> user system, and thus, you can be about as haphazard about file protections
> as any ordinary Windoze user. :-)
We could discuss this kind of security philosophy here, but I don't want to
risk a flamewar :-)
I disagree with your point of view, but we should just leave this ``as is''.
> Well just to make sure that Wietse doesn't get the wrong impression about
> anything I have said, let me say again that I think the faults, such as
> they are, lie with the SASL library, and not with Postfix's use of it.
Agreed. From my point of view the API is more or less incompatible with
Postfix's use of things.
> And even the SASL library is OK/usable... I just wish that it was documented
> a lot better.
Also agreed.
Best regards,
Lutz
--
Lutz Jaenicke                             Lutz.Jaenickeaet.TU-Cottbus.DE
BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153