Arne Nordmark <[EMAIL PROTECTED]> writes: > Hello, > > In the description for libpam-heimdal it says: "This module should only > be used for local logins unless you really know what you are doing". On > the other hand it is quite tempting to use it for IMAP servers etc, so > what are the issues? Is it that it is easy to make misstakes in > configuration, or that it is possible to spoof with a fake KDC, or that > the code not is considered well audited, or something else? > > Arne
I'm not sure if they are refering to additional problems but the obvious one, but the obvious one would be using an unencrypted protocol to authenticate to pam with..... //Tobbe -- ###################################################################### Torbjörn Pettersson # Email [EMAIL PROTECTED] Vattugatan 5 # Web www.strul.nu/~tobbe S-111 52 Stockholm, Sweden # ######################################################################
