Can I use hashed password for ldap_bind_pw in saslauthd.conf?

Zachariah Mully zmully-kolab at smartbrief.com
Thu Oct 6 11:11:15 EDT 2005


On Thu, 2005-10-06 at 09:39 -0400, Raymond T. Sundland wrote:
> chmod 400 saslauthd.conf
> 
> If someone has enough access to read the file at this point, they have
> enough access to modify your LDAP database files using the 'slapcat'
> and 'slapadd' commands, so any additional security of a hashed
> password would be useless.
> 
> he.tao at trilogy.com wrote: 
> > 
> >  It's really a bad idea to use clear text..

Exactly, but if you're that worried about it, make a user in your LDAP
directory that can only auth and do nothing else. 

Z




More information about the Info-cyrus mailing list