[1100] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] Saving Passwords in Binaries

daemon@ATHENA.MIT.EDU (Andrew Sweger)
Tue Aug 27 18:23:18 1996

Date: Mon, 26 Aug 1996 08:32:44 -0700 (PDT)
From: Andrew Sweger <absweger@u.washington.edu>
Reply-To: Andrew Sweger <absweger@u.washington.edu>
To: Todd W Burgess <tburgess@uoguelph.ca>
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.HPP.3.91.960821105908.26266A-100000@ccshst01>

On Wed, 21 Aug 1996, Todd W Burgess wrote:

>      I have been working on a program which will check for new mail on an 
> IMAP server...

There's no need to verify if the user has entered the correct password
to your new-mail-check program since the (possibly remote) IMAP server
will check it anyway and reply appropriately. Check out:

  http://www.imap.org/
  http://www.washington.edu/imap/

for more information. Look for information on setting up a
pre-authenticated IMAP server in the UW source distribution. This has
some security related side-effects, so read carefully. 

You will no doubt want a user configuration file to specify host and
mailbox/folder information to check. Maybe.

-- 
  /  Andrew B. Sweger                      absweger@u.washington.edu
 //  Computer Support Manager              csg@fammed.washington.edu
 \\  Department of Family Medicine
 //  University of Washington              (206) 685-4337
 /   Box 355304                            (206) 685-0610 (Fax)
---- Seattle, WA 98195-5304 --------------------------------------------------
The great thing about multitasking is that several things can go wrong at once.

home help back first fref pref prev next nref lref last post