On Thu, 2005-10-06 at 09:39 -0400, Raymond T. Sundland wrote: > chmod 400 saslauthd.conf > > If someone has enough access to read the file at this point, they have > enough access to modify your LDAP database files using the 'slapcat' > and 'slapadd' commands, so any additional security of a hashed > password would be useless. > > [EMAIL PROTECTED] wrote: > > > > It's really a bad idea to use clear text..
Exactly, but if you're that worried about it, make a user in your LDAP directory that can only auth and do nothing else. Z ---- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
