PHWinfo - Afficher un message

16/09/2006, 19h07

On Sat, 16 Sep 2006 11:23:17 -0700, Mark Crispin
<mrc@CAC.Washington.EDU> wrote:

>> Hey! How about cron?

> Clever, but I would be a bit uncomfortable about having password in a
> crontab...

Passwords in crontabs are no worse than cleartext passwords in sasldb
or openldap. To have encrypted SASL authentication over the wire, you
have to store cleartext passwords on a host. There are good arguments
for avoiding the overhead of whole channel SSL encryption.

> An expect script is pretty bad too...

From the standpoint of permissions management and control, much worse
than crontabs.

16/09/2006, 19h07	#2
John Kelly Messages: n/a Hébergeur:	Re: mailutil and passwords? On Sat, 16 Sep 2006 11:23:17 -0700, Mark Crispin <mrc@CAC.Washington.EDU> wrote: >> Hey! How about cron? > Clever, but I would be a bit uncomfortable about having password in a > crontab... Passwords in crontabs are no worse than cleartext passwords in sasldb or openldap. To have encrypted SASL authentication over the wire, you have to store cleartext passwords on a host. There are good arguments for avoiding the overhead of whole channel SSL encryption. > An expect script is pretty bad too... From the standpoint of permissions management and control, much worse than crontabs.