Author Topic: Default Postfix mysql map configuration is insecured  (Read 379 times)

0 Members and 1 Guest are viewing this topic.

Offline
**
Default Postfix mysql map configuration is insecured
« on: August 13, 2017, 09:17:41 AM »
Any user which have shell access can show postfix password from mysql-virtual_mailbox_maps.cf
This is totally insecured

If this is CWP Standard then this should be fixed

Offline
***
Re: Default Postfix mysql map configuration is insecured
« Reply #1 on: August 15, 2017, 05:06:59 AM »
Any user which have shell access can show postfix password from mysql-virtual_mailbox_maps.cf
This is totally insecured

If this is CWP Standard then this should be fixed

OMG you right, any user got root password also can do that....