httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <minf...@sharp.fm>
Subject Re: Passing passwords to CGI
Date Wed, 04 Aug 1999 13:02:40 GMT
Dirk-Willem van Gulik wrote:

> > Is there a "correct" way of doing this?
> 
> No, of course not :-) but the solution is
> 
> Adding to your cflags
> 
>         CFLAGS += -DSECURITY_HOLE_PASS_AUTHORIZATION
> 
> Do a grep in the source (util_script.c) for the full story.

Here's a thought - how about including the capability for passwords to
be inserted into the POST data that a CGI reads via stdin, ie the
password could be read as if it was simply another option on a form.

The name of this POST variable would be configurable so it didn't clash
with any existing variables in CGI.

Is this a good idea? If so, I'll try get it to work.

Regards,
Graham
-- 
-----------------------------------------
minfrin@sharp.fm		"There's a moon
					over Bourbon Street
						tonight...

Mime
View raw message