RE: [netatalk-admins] Information on other authentications


Subject: RE: [netatalk-admins] Information on other authentications
From: Jim Zajkowski (jamesez@umich.edu)
Date: Wed Apr 21 1999 - 00:53:19 EDT


On Tue, 20 Apr 1999, Alex Yu wrote:

} I think we really need to find a way that don't require a cleartext .passwd.
} I mean.... what's the point by using two way encryption if .passwd is a
} cleartext passwd?

>From the fetchmail Design Notes, which answers this question:

 --- 8< ---
The reason there's no facility to store passwords encrypted in the
.fetchmailrc file is because this doesn't actually add protection.

Anyone who's acquired the 0600 permissions needed to read your
.fetchmailrc file will be able to run fetchmail as you anyway -- and if
it's your password they're after, they'd be able to rip the necessary
decoder out of the fetchmail code itself to get it.

All .fetchmailrc encryption would do is give a false sense of security to
people who don't think very hard.
 --- 8< ---

Jim



This archive was generated by hypermail 2b28 : Sat Dec 18 1999 - 16:16:37 EST