Marc Haber <mh+debian-de...@zugschlus.de> writes: > Chris Knadle <chris.kna...@coredump.us> wrote:
>> I don't like the fact that the /etc/exim4/passwd.client file is in a >> plaintext format, but there are usually several such files on systems >> such that realistically we're only really "safe" as long as the >> machines we run haven't been broken into. > And if you think about things, it is clear that the client needs the > plaintext password to be able to use it. > Even if certificate authentication, the most secure authentication > scheme available today, is used, you need the private key on the > client. Which is why sending mail as a system service when doing so requires a user's ISP credentials is a dubious idea. If you send it from a user process, such as their mail client, you have sophisticated credential management capabilities available to you: everything from prompting to using a system keyring that's only decrypted when they're sitting in front of the computer. If you insist on giving your system processes the ability to authenticate as you, you end up storing random clear-text passwords in configuration files, readily available for theft by anyone who can read the contents of your hard drive or compromise the system user the MTA runs as. It's also a separation of privileges violation: why should your MTA be able to upload files to your web space or examine your billing and credit card information at your ISP? The situation is, of course, much improved if your ISP supports per-service or per-client passwords, like Google now does, at which point the password isn't as valuable and the security problem is less worrisome. You can also ameliorate the problem by using an encrypted file system, of course. But I doubt most users are doing that, and it still doesn't solve the separation of privileges issue. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87wqqgcw85....@windlord.stanford.edu
