httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@gonzo.ben.algroup.co.uk>
Subject Re: Apache 1.0.3 and 1.1b0
Date Sun, 18 Feb 1996 20:46:15 GMT
> 
> > 
> > The main reason for doing it is that cvs users can just say
> > "cvs co -r apache_1_0_3" instead of ftp, unzip, tar. It also means that any
> > minor tweaks needed for OSes not tested during the voting phase can be
> > added easily.
> 
> out of curiosity, ( and yes I know it killed the cat ) how does cvs do 
> authentication?  ( remote, or local that is ) 

By the usual method - it checks the password. There is some rather sad
scrambling (I tried to persuade them to use MD5(secret+random), but they
wouldn't). Still, its no less secure than telnet  ;-)

Well, actually, it is less secure, since it insists on storing the password.
This was optional in 1.6.

Cheers,

Ben.

> 
> <Aram>
> -- 
> Aram Mirzadeh						awm@qosina.com
> MIS Manager				      Apache httpd team member
> Qosina Corporation				    aram@hyperreal.com
> http://www.qosina.com/			    http://www.qosina.com/~awm
> 
> You're not drunk if you can lie on the floor without holding on.
>                 -- Dean Martin
> 

-- 
Ben Laurie                  Phone: +44 (181) 994 6435
Freelance Consultant and    Fax:   +44 (181) 994 6472
Technical Director          Email: ben@algroup.co.uk
A.L. Digital Ltd,           URL: http://www.algroup.co.uk
London, England.

Mime
View raw message