[EMAIL PROTECTED] wrote:

No one seems to have answered your first question as yet. So better late
than never, here's my understanding of the current state of play.

> 1.   Is there away to store the root password anywhere more secure than in
the
> config.xml file?

Not in the current codebase. While it would be possible add the means to
store the password in an encrytped form within config.xml, this wouldn't
really achieve too much. As we are an open source project, the algorithm
used would be an open 'secret', enabling simple decryption.

Best to ensure that the entire config.xml file is secured against prying
eyes using file permissions.

> Is it fundamentally different from other user accounts (other
> than privilige of course :-)?

The 'root' userid/password is just a set of credentials, no more and no
less. There is no requirement that it should even be a James user, that is a
user with a local mailbox.

-- Steve


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to