Advice of security point of view for doveadm and doveconf and sh usage #85
Comments
|
The dependency has been (almost) removed in the master branch of postfixadmin - https://github.com/postfixadmin/postfixadmin/blob/9620056277d09cf7a0e833f60dadc361208d4121/DOCUMENTS/HASHING.md You don't have to use doveadm for your password hashing. |
|
Thank you very much for info. Maybe in future. Good luck |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Last day I investigated php-fpm and especially postfixadmin strace file with some cool information behind the doors.
Postfixadmin needs for login inside database for password 3 additionally binarys - in my point of view too many -, because for php container hardening we MUST add these binarys as dependency inside high security container and these are security risks especially sh binary.
Can you figure out how to hash and dehash directly inside php universe itself without invoke sh, doveadm and doveconf?
I mean here exactly pure php solution clean one, without any additionaly binarys involved in this hashing and dehashing phase.
Thanks and
Best regards.
The text was updated successfully, but these errors were encountered: