On Tue, Oct 29, 2002 at 09:34:09PM +0300, Michael Tokarev wrote:
> I tried to be careful, but I well might be wrong, and indeed there
> was a security-related bug with apop+pam iteraction once.

beside that I don't use apop, as you already said to me,
there is no such apop pam module, yet.

> Also, while having one process that does all the things is fast,
> but such a method may leak security information (content of
> /etc/shadow inside of process's addresspace due to stdio buffering
> etc) if a process compromised.

I don't use real password database. I have already modified
mdpop3d a little to read password from tinycdb. while it is
has nothing todo with the issue above, but it works for me.
it's quite reliable and yet lightweight and fast!

> And yes, I use this daemon here heavily, on many different machines
> (but all are inside of LANs only).

I have the same situation with you.

> But this goes waay offtopic...

yes, indeed :-)

Thanks a lot Michael.

Regards,

P.Y. Adi Prasaja
-
To unsubscribe, send mail to majordomopostfix.org with content
(not subject): unsubscribe postfix-users

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]