Mercurial > dovecot > original-hg > dovecot-1.2

diff dovecot-example.conf @ 1330:7cde19dbe754 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Moved auth_username_chars from db-pgsql to generic for all. Some other auth code cleanups.
author Timo Sirainen <tss@iki.fi>
date Wed, 02 Apr 2003 05:09:41 +0300
parents 0a524d229f50
children c27c6089e933
line wrap: on
line diff
--- a/dovecot-example.conf	Wed Apr 02 05:05:38 2003 +0300
+++ b/dovecot-example.conf	Wed Apr 02 05:09:41 2003 +0300
@@ -393,6 +393,13 @@
 # Number of authentication processes to create
 #auth_count = 1
 
+# List of allowed characters in username. If the user-given username contains
+# a character not listed in here, the login automatically fails. This is just
+# an extra check to make sure user can't exploit any potential quote escaping
+# vulnerabilities with SQL/LDAP databases. If you want to allow all characters,
+# set this value to empty.
+#auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
+
 # More verbose logging. Useful for figuring out why authentication isn't
 # working.
 #auth_verbose = no