Re: SMTP-SASL auth failure caching.

From: Keean Schupke (keeanfry-it.com)
Date: Sun Dec 02 2007 - 14:19:26 CST


On 02/12/2007, Wietse Venema <wietseporcupine.org> wrote:

> > So this feature depends on OpenSSL's libcrypto. How should that be
> > handled in makedefs? (Question for Wietse I think).
>
> OpenSSL must not be mandatory. On my servers, it makes no sense to
> increase the attack profile by tens of thousands of lines of code.

Is there a suitable alternative that does not require ssl?

>
> > Anyway, this is probably enough for now in terms of patches, the key
> > question at this point is whether this should be adopted. Wietse?
>
> Assuming that it implements its own cache daemon, the only thing
> that remains is naming.
>
> If possible, the master.cf service name should match the executable
> name.
>
> Is "cache" really a good choice for a Postfix daemon name?

The cache service is a generic cache; it is in no way tied to just
being used to cache auth failures. In theory any service can use it
for storing any data. Hence "auth_cache" represents a specific
application of the generic cache.
Another alternative might be a "dict" or "dictionary" service.

>
> Is "auth_cache" really a good name for a service that remembers
> password failures?

Perhaps auth_failure_cache? I didn't want it to be too long, as all
the others have short names.

Regards,
Keean Schupke. Fry-IT Ltd.