[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL_MECH and useronly

At 04:20 AM 1/11/2006, Luke Howard wrote:

>Any particular reason why SASL_MECH is a user-only settable
>option in libraries/libldap/init.c?

I think the reason was that setting this globally will
prevent individual users from taking advantage of the
full function of programs.   For instance, (IIRC)
if the user wants to auto-select the mechanism, having
SASL_MECH set globally will disallow this.

That is, ldap.conf options are suppose to be default
mechanism, not system-wide policy mechanism.

>It seems to me that this
>is very useful to set in a system-wide configuration file
>(ditto with the realm perhaps).

>-- Luke