[Date Prev][Date Next]
Re: SASL_MECH and useronly
At 04:20 AM 1/11/2006, Luke Howard wrote:
>Any particular reason why SASL_MECH is a user-only settable
>option in libraries/libldap/init.c?
I think the reason was that setting this globally will
prevent individual users from taking advantage of the
full function of programs. For instance, (IIRC)
if the user wants to auto-select the mechanism, having
SASL_MECH set globally will disallow this.
That is, ldap.conf options are suppose to be default
mechanism, not system-wide policy mechanism.
>It seems to me that this
>is very useful to set in a system-wide configuration file
>(ditto with the realm perhaps).