Package: libsasl2-modules-sql Version: 2.1.25.dfsg1-6+deb7u1 Severity: wishlist
Dear Maintainer, Encrypting the password in an sql database for sasl2 to use has been a long outstanding feature that needs to be fixed. There are currently a few methods of resolving the issue but they involve outdated patches as well as installing other packages as a work around to the solution. Fixing this issue could help resolve a major issue with sql databases and sasl2 and help promote cyrus as imap server. The issue in question is the lack of support for the password_format: crypt option. As online security is ever more important this day and age, storing plain text passwords in a database isn't an acceptable use case. This functionality has been included with other libsasl2-modules-* packages. I honestly haven't found an answer as to why this functionality hasn't been included. If there is a reason, I apologize for the bug report but would also like an explanation so that I may document it accordingly. Thank you for your time. I look forward to answering any more questions you may have about this issue and/or what the current fixes look like. Best, Alex -- System Information: Debian Release: 7.2 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libsasl2-modules-sql depends on: ii libc6 2.13-38 ii libmysqlclient18 5.5.31+dfsg-0+wheezy1 ii libpq5 9.1.9-1 ii libsasl2-modules 2.1.25.dfsg1-6+deb7u1 ii libsqlite3-0 3.7.13-1+deb7u1 libsasl2-modules-sql recommends no packages. libsasl2-modules-sql suggests no packages. -- no debconf information
