hello there... Michael Edwards schrieb: > Is it secure/a Good Idea to use the local machine accounts in a web > environment? From the README of libapache2-mod-auth-pam package for Debian: SECURITY To use with standard Debian configuration you have to add "www-data" user to "shadow" group. Be careful! It means it can be readable by anyone who can run its own CGI script! The passwords are sent by net as clear text. You should use SSL to protect them. You'll have to be more paranoid. Therefore, you might consider PAM-Auth a Bad Idea. cu Dave KLiczbor -- DokuWiki mailing list - more info at http://wiki.splitbrain.org/wiki:mailinglist