httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark J Cox <>
Subject Re: Comment fields in htpasswd
Date Wed, 08 Jan 1997 13:56:42 GMT
> Should be quite safe to add; I really cannot imagine
> any system crypt allowing colons in the passwd. 
> But although this would work for mod_auth.c; one would need
> to do mod_auth_dmb/sql/... as well.

Yes, this has always been allowed in mod_auth_dbm (since I wrote the stuff
to piggy-back a group list into the same auth file*).  I'm sure I did a
patch for the .htpasswd files ignoring things after :'s in 1995 (back in
the days when we used to have patch files with names like E90!), we
certainly ran that patch on until we switched to DBM's.

+1 on mod_auth ignoring anything after the second colon as default.


* the idea was to allow people to store the password and group info in
one DBM file with the format  user:password:comma list of groups:ignored
The user file if used on its own can have  user:password:ignored  but
the group file has to be either user:groups or user::groups:ignored

View raw message