Date: Fri, 12 Jul 2002 16:47:50 -0700 From: Darren Pilgrim <dmp@pantherdragon.org> To: Nielsen <nielsen@memberwebs.com> Cc: freebsd-security@FreeBSD.ORG, Steve <sprasadi@addr.com> Subject: Re: plain text passwords Message-ID: <3D2F6AA6.5CF214CB@pantherdragon.org> References: <5.1.0.14.0.20020712114822.00ba8a20@localhost> <20020712231747.6EFBB43B396@mail.npubs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Nielsen wrote: > > You should use an authentication module that uses hashed passwords. > > And secondly you usually shouldn't authenticate against the system > passwords. But if you have to, try to find a solution that doesn't give the > the apache user (www, or nobody or whatever) read access to your shaddow > passwords. > > One thing I used which worked well was the cyrus-sasl pwcheck daemon. Apache > has a module which authenticates against it. The pwcheck daemon runs as > root, relieving apache of the above need. Does pwcheck use PAM on FreeBSD? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D2F6AA6.5CF214CB>