[dokuwiki] Re: using Pluggable Authentication Modules to authenticate users ?

• From: Dave Kliczbor <maligree@xxxxxx>
• To: dokuwiki@xxxxxxxxxxxxx
• Date: Sun, 06 Aug 2006 05:19:46 +0200

hello there...

Michael Edwards schrieb:
> Is it secure/a Good Idea to use the local machine accounts in a web
> environment?

From the README of libapache2-mod-auth-pam package for Debian:

  SECURITY

  To use with standard Debian configuration you have to add "www-data"
  user to "shadow" group. Be careful! It means it can be readable by
  anyone who can run its own CGI script!

  The passwords are sent by net as clear text. You should use SSL to
  protect them.

You'll have to be more paranoid. Therefore, you might consider PAM-Auth
a Bad Idea.

cu
 Dave KLiczbor


-- 
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist

• References:
  • [dokuwiki] using Pluggable Authentication Modules to authenticate users ?
    • From: Sebastien Sacard
  • [dokuwiki] Re: using Pluggable Authentication Modules to authenticate users ?
    • From: Dave Kliczbor
  • [dokuwiki] Re: using Pluggable Authentication Modules to authenticate users ?
    • From: Michael Edwards

Other related posts:

• » [dokuwiki] using Pluggable Authentication Modules to authenticate users ?
• » [dokuwiki] Re: using Pluggable Authentication Modules to authenticate users ?
• » [dokuwiki] Re: using Pluggable Authentication Modules to authenticate users ?
• » [dokuwiki] Re: using Pluggable Authentication Modules to authenticate users ?
• » [dokuwiki] Re: using Pluggable Authentication Modules to authenticate users ?

1. Home
2. dokuwiki
3. Archive
4. 08-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---