httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@gonzo.ben.algroup.co.uk>
Subject Re: chroot and spwd.db (fwd)
Date Sun, 07 Jan 1996 15:43:29 GMT
> 
> Ack sent.  How many of us use shadow passwords.  Solaris people
> certainly.  Anyone else?

Yep, SCO, at least in high security mode.

Cheers,

Ben.

> 
> Ay.
> 
> Forwarded message:
> > From isdmill@state.me.us  Fri Jan  5 06:36:21 1996
> > Message-Id: <199601051429.JAA10574@gatekeeper.ddp.state.me.us>
> > Date: Fri, 05 Jan 96 09:45:35 -0500
> > Sender: david@state.me.us
> > From: David Miller <isdmill@state.me.us>
> > X-Mailer: Mozilla 1.1N (X11; I; BSD/OS 2.0 i386)
> > MIME-Version: 1.0
> > To: apache-bugs@apache.org
> > Subject: chroot and spwd.db
> > X-URL: http://www.apache.org/bug_report
> > Content-Transfer-Encoding: 7bit
> > Content-Type: text/plain; charset=us-ascii
> > 
> > When configuring apache to run chrooted, it would be very nice indeed
> > if apache were to check for it's user/group ID's in the pwd.db database,
> > rather than the spwd.db database.
> > 
> > The difference, of course, is that some encrypted passwords are stored in the
> > spwd.db file and it's quite a pain to have to extract the relevent ID(s) from 
> > the master.passwd, then nolog them in a workfile, then run mk_pwdb on it in
> > order to make the passwords useless.  Be much nicer if apache looked for a
> > file without the encrypte passwords like ftpd.
> > 
> > As a desired added feature, it would be really nice to be able to specify
> > a chroot directory in the httpd.conf file:)
> > 
> > Thanks for doing a terrific job on a wonderful server!
> > 
> > 
> > Sincerely,
> > 
> > David Miller
> > 
> > 
> > 
> 

-- 
Ben Laurie                  Phone: +44 (181) 994 6435
Freelance Consultant        Fax:   +44 (181) 994 6472
and Technical Director      Email: ben@algroup.co.uk
A.L. Digital Ltd,           URL: http://www.algroup.co.uk
London, England.

Mime
View raw message