Shantonu Sen <[EMAIL PROTECTED]> writes:
> I have some patches to make apop support autoconf-able.
Sounds good.
> I'll wait oncommitting them until 1.0.4 is out the door (if the plan to
> release today doesn't work out, I'll add it eventually).
I'm about to do it.
> also, are there strong objections to ditching system ruserpass and
> exclusively using the version in sbr/? it seems like there are some hacks
> in place to differentiate between ruserpass and _ruserpass, and -lsocket
> vs. not.
>
> The only reason why I bring it up is that ruserpass was falsely detected
> on my redhat 6.1 system (or maybe properly detected, but the right pieces
> of code weren't changed correctly). using the sbr version to make libmh.a
> made everything work OK. if it turns out that system ruserpass *is*
> important, the detection scripts need a little more work.
No objections from me. It's already been brought up that apparently the
ruserpass() on (some versions of?) Linux don't have the tty password
querying ability, so you don't put all your POP3 passwords in your .netrc
password, you can't get your mail.
The person I was talking to about this was worried about nmh's ruserpass()
not getting security patches that vendor versions would get, but the code
looks pretty simple to me -- I don't think there are any security holes.
ruserpass() isn't among the most security-sensitive portions of nmh anyway.
-----------------------------------------------------------------------
Dan Harkless | To prevent SPAM contamination, please
[EMAIL PROTECTED] | do not post this private email address
SpeedGate Communications, Inc. | to the USENET or WWW. Thank you.
