Cyrus-SASL-2.1.10 PAM authentication failure

Edward Rudd eddie at omegaware.com
Sun Jan 19 13:51:03 EST 2003


No, unfortunately not any more..
You HAVE to use the saslauthd daemon.
This is to get around all the security problems with SASL 1.5.x using
pam.. With sasl 1.5.x AS you have to relax your security to get cyrus to
authenticate via pam (as pam is supposed to run as ROOT, especially to
access /etc/shadow and /etc/passwd).   So now they offloaded it to a
daemon saslauthd which is started at system start up as root and sasl
talked to it and asks it to authenticate.  that way the program is NOT
running as root (increased security).. Only the minimum authentication
component).

I hope this help make things clearer..

On Sun, 2003-01-19 at 07:00, k1680792 wrote:
> Hi all,
>  I want to know:Doese Cyrus-SASL-2.1.10 support /usr/lib/sasl/*.conf with
> the following method
>  pwcheck_method: pam
>  I don't want to use saslauthd . My another server with Cyrus-SASL-1.5.28
> supports 'pwcheck_method:pam' well.
>  Thanks!
> -----------
> Kai
> 
> 
> __________________________________________________
> Do You Yahoo!?
> Yahoo! BB is Broadband by Yahoo!  http://bb.yahoo.co.jp/
-- 
Edward Rudd <eddie at omegaware.com>





More information about the Info-cyrus mailing list