Date: Fri, 21 Sep 2001 08:15:12 +0300 (EEST) From: Maxim Sobolev <sobomax@FreeBSD.org> To: dan@langille.org, ports@FreeBSD.org Cc: lioux@FreeBSD.org, kris@FreeBSD.org Subject: Re: qpopper and /etc/ftpusers Message-ID: <200109210515.IAA76507@ipcard.iptcom.net> In-Reply-To: <3BA9FBF4.13773.89DF47D@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 20 Sep 2001 14:23:48 -0400, Dan Langille wrote: > I don't see how POP is connected to ftp users? /me too > This from mail/qpopper/Makefile: > = > CONFIGURE_ARGS=3D --enable-apop=3D${PREFIX}/etc/qpopper/pop.auth \ > --enable-nonauth-file=3D/etc/ftpusers \ > --with-apopuid=3Dpop --without-gdbm \ > --enable-keep-temp-drop > = > Does it make sense to do things that way? If an auth file is to be used = at all, why not use one = > with an appropriate name (e.g. /etc/popusers). Yes, it is why since some 1999 I have a qpopper/Makefile.local that overrides CONFIGURE_ARGS with --enable-auth-file=3D/etc/pop3users. :) > The current setup breaks POLA. No, the current setup astually preserves the POLA (it had been that way since the beginning of time) - check cvs log for mail/qpopper/Makefile. However, it might be a good idea to actually bite the bullet and break that stupid POLA. I would suggest to replace `--enable-nonauth-file=3D/etc/ftpusers' with something like `--enable-auth-file=3D/etc/pop3users'. Among other things, it would ensure that the default setup is the most secure. -Maxim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109210515.IAA76507>