https://bugzilla.novell.com/show_bug.cgi?id=847989
https://bugzilla.novell.com/show_bug.cgi?id=847989#c1
Reinhard Max
A little checking and it looks like this feature has to be added at compile build time with a compiler switch. Once done, the password is remembered in a ".pine-passfile" in the users home directory.
This feature is being compiled into our pine package already (as can be seen by the presence of the -passfile option in 'alpine -h' output), but the filename is ~/.pinepw .
I need this feature added to the OpenSUSE 12.2 / 12.3 releases so I don't have to give users my upstream provider account password so they can send email using the OpenSUSE 12.2/12.3 x64 Alpine.
Please note that using the save password feature doesn't really keep your password secret, because your users can read their ~/.pinepw file. Also, the compile-time switch for enabling this is marked as "NOT secure, NOT recommended". If you want to share your outgoing SMTP account with your users, the right way to do so is to set up a local or site-wide mail transport agent such as postfix, qmail or sendmail to which your users can submit their mail without authentication and which in turn uses your SMTP credentials to pass it on to the provider.
This is a security problem making this tool unusable by any other than the system administrator until it is fixed.
As explained above, using this feature opens a security problem rather than closing one, especially when trying to abuse it for password distribution, so please don't do that. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.