Can I use hashed password for ldap_bind_pw in saslauthd.conf?
Raymond T. Sundland
raymond at sundland.com
Thu Oct 6 09:39:04 EDT 2005
chmod 400 saslauthd.conf
If someone has enough access to read the file at this point, they have
enough access to modify your LDAP database files using the 'slapcat' and
'slapadd' commands, so any additional security of a hashed password
would be useless.
he.tao at trilogy.com wrote:
>
> It's really a bad idea to use clear text..
>
>------------------------------------------------------------------------
>
>----
>Cyrus Home Page: http://asg.web.cmu.edu/cyrus
>Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
>List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.andrew.cmu.edu/mailman/private/info-cyrus/attachments/20051006/ee06686a/attachment.html
More information about the Info-cyrus
mailing list