Re: Suggestion: add security/cy2-plain as a dependency of mail/postfix sasl option

To: pkgsrc-users%netbsd.org@localhost
Subject: Re: Suggestion: add security/cy2-plain as a dependency of mail/postfix sasl option
From: Joerg Sonnenberger <joerg%bec.de@localhost>
Date: Mon, 20 Dec 2021 22:54:55 +0100

On Mon, Dec 20, 2021 at 02:47:03PM -0500, Greg Troxel wrote:
> Generally, we try to have dependencies be minimal, as everyone ends up
> with all listed dependencies.  In this case, the mechanisms are
> plugins, which is a scheme to keep that part of the code from having to
> be a dependency or option, and simply work when installed.

There are also real security concerns here. For example, if you expect
CRAM or other modern exchanges to be used that don't involve transfering
the password to the remote side, falling back to PLAIN would be a major
issue.

Joerg

References:
- Suggestion: add security/cy2-plain as a dependency of mail/postfix sasl option
  - From: manphiz
- Re: Suggestion: add security/cy2-plain as a dependency of mail/postfix sasl option
  - From: Greg Troxel

Prev by Date: diff from 2021-12-17 13:38 to 2021-12-19 21:22
Next by Date: Updated */trytond-*-* to 6.2.x
Previous by Thread: Re: Suggestion: add security/cy2-plain as a dependency of mail/postfix sasl option
Next by Thread: GCC on SunOS < 2.11, require new Binutils?
Indexes:

Home | Main Index | Thread Index | Old Index