httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 46152] access allowed if password matches first seven characters of real password
Date Thu, 18 Jun 2009 11:54:15 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=46152


Dan Poirier <poirier@pobox.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |NEEDINFO




--- Comment #1 from Dan Poirier <poirier@pobox.com>  2009-06-18 04:54:14 PST ---
The doc for htpasswd on 2.2 and trunk does say that when encrypted using
crypt() (the default), only the first 8 characters of the password are used. 
That might have been added since your bug report, I don't know. 

Are you sure it's 7 and not 8 characters?  Both the htpasswd doc, and the
crypt(3) man page, say that 8 characters are used.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message