Re: Apache & mod_auth_pam

To: Waldemar Brodkorb <waldemar@thinknow.de>
Cc: debian-isp@lists.debian.org
Subject: Re: Apache & mod_auth_pam
From: "Jeremy C. Reed" <reed@wcug.wwu.edu>
Date: Thu, 27 Sep 2001 13:50:50 -0700 (PDT)
Message-id: <[🔎] Pine.BSO.4.21.0109271349130.7431-100000@sloth.wcug.wwu.edu>
In-reply-to: <[🔎] 20010927203732.F5527@thinknow.de>

> > > At the moment I'm using mod_auth_pam for userauthentication on
> > > special webfolders. /etc/shadow have to be accessed by apache

> > And second some password-results aren't exposed like the root-pw and 
> > the accounts to maintain the machine.
> 
> How the root-pw or hash of it could be exposed?

If you are using standard http user authentication is is not encrypted or
secure. The usernames and passwords are passwd via plain text.

  Jeremy C. Reed
echo 'G014AE824B0-07CC?/JJFFFI?D64CB>D=3C427=>;>6HI2><J' |
tr /-_ :\ Sc-y./ | sed swxw`uname`w

Reply to:

Follow-Ups:
- Re: Apache & mod_auth_pam
  - From: Waldemar Brodkorb <waldemar@thinknow.de>

References:
- Re: Apache & mod_auth_pam
  - From: Waldemar Brodkorb <waldemar@thinknow.de>

Prev by Date: Re: Apache & mod_auth_pam
Next by Date: setup exim for remote outgoing mail
Previous by thread: Re: Apache & mod_auth_pam
Next by thread: Re: Apache & mod_auth_pam
Index(es):
- Date
- Thread