httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brandon Long <>
Subject Re: problem with DBM authorization (fwd)
Date Sat, 03 Jun 1995 20:31:44 GMT
Last time, Robert S. Thau uttered the following other thing:
>    Date: Fri, 2 Jun 1995 20:41:00 -0700 (PDT)
>    From: Brian Behlendorf <>
>    > You might also look into changing the way in which you use the DBM
>    > files.  Since we're adding several other security authorization types,
>    > we are making DBM files as just a separate file type for storing data,
>    > not a separate authentication type.
>    Eh?  Since it's possible to have a flat file named foo and a DBM file 
>    named foo(.pag, .dir, .db) at the same time, how does it know the 
>    difference if you don't somewhow explicitly tell it?
> It's possible that Brandon's being tripped up by a bit of code in
> auth_bong.c which makes it look as if "DBM" is being treated as an
> authentication type on par with "basic", which of course it isn't (the
> browsers can't know and shouldn't care how the data is stored inside
> the server, so as far as the clients are concerned, it is just basic
> authentication).   

Yes, I realize that you need to put something in the logfiles to say
its DBM, but you treat DBM fairly separately from everything else.
If you were to add MD5 auth code, for instance, would you provide completely
new back end (file end) as well?  Though, the code doesn't lend itself
very well to this type of modularity, I'll admit.

You can safely ignore me.  


 Brandon Long   (N9WUC)     "I think, therefore, I am confused." -- RAW
 Computer Engineering   	Run Linux '95.	It's that Easy. 
 University of Illinois
		Don't worry, these aren't even my views.

View raw message