You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Cliff Skolnick <cl...@organic.com> on 1996/02/01 22:55:33 UTC
WWW Form Bug Report: "apache can verify users using /etc/shadow" on Solaris 2.x (fwd)
No ack sent.
--
Cliff Skolnick cliff@organic.com
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." -- Benjamin Franklin, 1759
---------- Forwarded message ----------
Date: Thu Feb 1 12:14:09 1996
From: angelos@netaxis.com
To: cliff@organic.com
Subject: WWW Form Bug Report: "apache can verify users using /etc/shadow" on Solaris 2.x
Submitter: angelos@netaxis.com
Operating system: Solaris 2.x, version: 2.4
Extra Modules used: none
URL exhibiting problem: http://www.netaxis.com/customer/support.htm
Symptoms:
--
in the getpw function if you replace the last line
with the following little hack
it will allow apache to do user authentication
using the /etc/shadow file , given that the server
is running as root
w = getword(r->pool, &rpw, ':');
return pstrdup (r->pool, w);
it is also a good idea to so that you can add
elements to the .htpasswd file :-)
--
Backtrace:
--
--