www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dgau...@hyperreal.org
Subject Re: mod_auth-any/770: mod_auth_db cannot handle empty password
Date Sat, 19 Jul 1997 09:57:18 GMT
Synopsis: mod_auth_db cannot handle empty password

State-Changed-From-To: open-closed
State-Changed-By: dgaudet
State-Changed-When: Sat Jul 19 02:57:17 PDT 1997
State-Changed-Why:
There's a difference between an empty password, and an
empty password that's been crypt()ed.  For example,
XXUp2ozpdysrQ is "" (without the quotes) crypted.  So your
patch actually causes it to consider any empty record from
the db to be an empty password... and I don't think that's
a good feature.

Dean


Mime
View raw message