[Dovecot] /etc/passwd Centos + dovecot

Reindl Harald h.reindl at thelounge.net
Tue Jun 25 23:01:44 EEST 2013

Am 25.06.2013 16:59, schrieb Paolo Andretta:
> On Tue, 25 Jun 2013, Dejan Doder wrote:
>> Hi group , I use system users with passwords defined in /etc/passwd.
>> How can users change their passwords ?
> I don't think this is dovecot related, but you can use squirrelmail + plug-in or roundcube + plugin or directly
> with a web interface to poppassd or usermin, or ...

with a great impact on security at all

* a sane webserver does not allow scripts exec()
* you do *not* want the passwd command invoked from a website

it is a broken design using system users and consider password changes
for the users via whatever enduser procotol - virtual users stored
in a database are the way to go if security matters

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20130625/ab11fa1e/attachment.bin>

More information about the dovecot mailing list