Quoting Joseph Nahmias (2019-01-27 03:48:50) > Package: wnpp > Severity: wishlist > Owner: Joseph Nahmias <j...@nahmias.net> > > * Package name : radicale-auth-pam > Version : 0.2 > Upstream Author : Joseph Nahmias <j...@nahmias.net> > * URL : https://gitlab.com/jello/radicale_auth_PAM > * License : GPL3 > Programming Lang: Python > Description : PAM authentication plugin for Radicale
Are you aware that Radicale can already use PAM, by use of uWSGI and the Apache2 mod-authnz-external module? The Debian package suggests this approach, and provides snippets for setting up PAM that way. I notice that you are upstream author of this plugin, so I guess you are biased towards using your own implementation. May I suggest that at least you mention in long description how access to sensitive material is handled? For inspiration, libapache2-mod-authnz-external contains this: > Notably, this module can be used to securely authenticate against PAM > (without exposing /etc/shadow file), using, for example, pwauth > authenticator. Mentioning in long description how security is addressed will help users decide which approach to take. - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
