httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From (Rodent of Unusual Size)
Subject Re: Changed information for PR mod_auth-any/460
Date Thu, 24 Apr 1997 17:33:23 GMT
>From the fingers of Marc Slemko flowed the following:
>We have had 5893 bug reports on this in the past and the response always
>was "it's a bad thing to do, so we won't support it."

    I agree that using the system passwd file is Badness.  I think
    people should always be discouraged from doing so in the strongest
    possible terms.  However, I don't see that the passwd file is the
    only one that ever uses or will use colons as delimiters.  The
    crypt() routine will never produce it as output, so it's a valid
    delimiter for any application that stores a password in the second
    column.  Using the passwd file as an excuse not to do this is like
    refusing to sell rope because people hang themselves with it.

    In other words, I'm *for* closing this PR with "don't do that!", but
    also *for* making the change to the code.

    #ken    :-(}

View raw message