Re: SASL w/ Encrypted SQL Password Security (Comment, Suggestion and Possible Solution)

2011-01-26 Thread Gabriele Bulfon
riele. -- From: Raymond T. Sundland To: Dan White Cc: info-cyrus@lists.andrew.cmu.edu Date: 25 January 2011 19.52.42 CET Subject: Re: SASL w/ Encrypted SQL Password Security (Comment, Suggestion and Possible Solution) Thanks for the explanation. Though, I would prefer some

Re: SASL w/ Encrypted SQL Password Security (Comment, Suggestion and Possible Solution)

2011-01-25 Thread Raymond T. Sundland
Thanks for the explanation. Though, I would prefer something better than MD5 since it has been broken for years. As for my "hack", it doesn't work because I mis-read what %p was, thinking it was the password, not the column to look for... so back to the drawing board. I will look at using someth

Re: SASL w/ Encrypted SQL Password Security (Comment, Suggestion and Possible Solution)

2011-01-25 Thread Dan White
On 25/01/11 12:48 -0500, Raymond T. Sundland wrote: >So given that it's been at least 6 years since it's been common >security practice to not store cleartext passwords in a database, why >does SASL still require it?  Can't SASL be modified to accept >some token from the SQL query t

SASL w/ Encrypted SQL Password Security (Comment, Suggestion and Possible Solution)

2011-01-25 Thread Raymond T. Sundland
Maybe this isn't the correct list for this question as it has to do more with SASL, but I am setting up a new mail server on a new box. This is my 4th iteration of "starting fresh" using Cyrus IMAP with some sort of 3rd party database backend, using both LDAP and MySQL