httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 40243] New: - Patch for htpasswd to optionally read passwords from stdin, not cmdline
Date Sun, 13 Aug 2006 21:03:38 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=40243>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40243

           Summary: Patch for htpasswd to optionally read passwords from
                    stdin, not cmdline
           Product: Apache httpd-2
           Version: 2.3-HEAD
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: support
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: adomas.paltanavicius@gmail.com


Recently I've been doing some server-side scripting and made use of htpasswd for
managing password files.  Batch mode is supposed for things like this, but it
only accepts password on the command line, which is insecure given most OSes
allow process listing to any user by default.

So I added `-i' (input) switch which when given together with `-b' (batch),
forces reading password from stdin.  That is much safer, because I can now use
popen-like functionality, or redirect world-unreadable files to stdin, for that
matter.

Attached is a patch against 2.3 trunk, r431238.

(If this patch is accepted, I could also provide additions for documentation.)

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message