[dovecot-cvs] dovecot dovecot-example.conf,1.36,1.37
cras at procontrol.fi
cras at procontrol.fi
Mon Jan 27 04:42:04 EET 2003
- Previous message: [dovecot-cvs] dovecot/src/master imap-process.c,1.24,1.25 imap-process.h,1.1,1.2 login-process.c,1.31,1.32
- Next message: [dovecot-cvs] dovecot/src/master auth-process.c,1.29,1.30 settings.c,1.43,1.44
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /home/cvs/dovecot
In directory danu:/tmp/cvs-serv225
Modified Files:
dovecot-example.conf
Log Message:
Authentication named socket permissions were insecure, an exploited login
process could have replaced it with it's own and began reading plaintext
passwords sent by other login processes.
Index: dovecot-example.conf
===================================================================
RCS file: /home/cvs/dovecot/dovecot-example.conf,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -d -r1.36 -r1.37
--- dovecot-example.conf 27 Jan 2003 01:33:40 -0000 1.36
+++ dovecot-example.conf 27 Jan 2003 02:42:02 -0000 1.37
@@ -63,10 +63,12 @@
## Login process
##
-# Executable location
+# Executable location.
#login_executable = /usr/libexec/dovecot/imap-login
-# User to use for imap-login process
+# User to use for imap-login process. The user must belong to a group
+# where only it has access, it's used to control access for authentication
+# process named sockets.
#login_user = imapd
# Set max. process size in megabytes. If you don't use
- Previous message: [dovecot-cvs] dovecot/src/master imap-process.c,1.24,1.25 imap-process.h,1.1,1.2 login-process.c,1.31,1.32
- Next message: [dovecot-cvs] dovecot/src/master auth-process.c,1.29,1.30 settings.c,1.43,1.44
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the dovecot-cvs
mailing list