[Dovecot] checkpassword protocol

Timo Sirainen tss at iki.fi
Mon Apr 8 13:26:36 EEST 2013


On 8.4.2013, at 10.00, Heiko Schlichting <dovecot-l at FU-Berlin.DE> wrote:

>> Hmm. The AUTH_PASSWORD wasn't really an intentional addition .. but
>> I guess it can stay there. Some 10 years ago that might not have been
>> such a good idea since there were still some systems where process
>> environment variables were readable to all users in the system, but
>> I doubt there exist such systems anymore (at least where people would
>> want to run Dovecot).
> 
> Very optimistic assumption. Wouldn't it be safer to remove the password
> from the environment? Anyone using checkpassword should use FD 3 and 4 for
> this purpose. Environment variables and command line arguments are not safe
> to transport passwords.

All the OSes made the environment private 10-15 years ago. I think it's pretty safe to assume that older multiuser systems won't be running Dovecot with checkpassword backend.

But .. eh. I guess: http://hg.dovecot.org/dovecot-2.2/rev/9feb2986945c