-----BEGIN PGP SIGNED MESSAGE-----
Patrick Donker wrote:
> Sorry for my double post, but I didnt see my first posting on the
> list, so I thought something went wrong...my bad apparently...
> Anyhow, I dont use any database backend, just plain old cdb. I did
> find something, but for that I have to recompile imap again, so that
> will be something for another day. If I got things working I'll post
> the solution on this list.
For cdb there are these things you can do.
1) Wait till the PHP extensions fully work and the vpopmail deamon that
the PHP extensions use fully work
2) Set vpassword's setuid bit and have apache execute it as whatever
user apache runs under (NOTE: INSECURE, AND ALLOWS ANY USER TO CHANGE
ANY PASSWORD FOR ANY ACCOUNT UNDER ANY DOMAIN IN VPOPMAIL)
3) Write some wrapper around it, that first requires a username and
password thru some method and making sure there is no way that this
username and password can be found, and thus securely invoking vpasswd.
4) Using PAM authentication
5) Using MySQL/PGSQL instead of CDB.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----