cyrus-imapd
Alexander Dalloz
ad+lists at uni-x.org
Mon Jul 4 20:35:06 UTC 2005
Am Mo, den 04.07.2005 schrieb redhatdude at bellsouth.net um 22:19:
No HTML formatted mail please.
> Why is there two commands for setting up users: saslpasswd and
> saslpasswd2 with sasldb and sasldb2? Is this a secure method of
> authentication? Is there a benefit to using other methods instead of
> sasldb?
> EJ
There is SASL and SASLv2 (1 [old] vs. 2 [current]). saslpasswd and
sasldb are for SASL version 1 and saslpasswd2 together with sasldb2 are
SASLv2. Frankly I can't tell you which application on Fedora still uses
the obsolete SASL version 1. The mail applications should all be
compiled against SASLv2.
The MD4 mechs are secure. Plaintext auth is safe as long as the
connection goes over a TLS session.
LDAP is more flexible than using sasldb, to the cost that you have to
know how LDAP works. The sasldb has the disadvantage that user passwords
are stored plain text in the db file. So you have to care that you set
the permissions safe enough.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp
Serendipity 22:26:52 up 9 days, 5:19, load average: 0.08, 0.18, 0.17
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050704/e694b176/attachment-0001.sig>
More information about the fedora-list
mailing list