On Sun, 30 Jun 2002, Nadav Har'El wrote:

> On Sun, Jun 30, 2002, Orna Agmon wrote about "Re: Apache vs. Samba authentication":
> >...
> > main disadvantages: the passwd file is not protected in /etc/shadow, and
> > is created once a (day?). On the other hand, the script which extracts the
> > passwd file from the database also runs under regular user privileges, so
> > it actually begins with yp configuration problem.
> >...
>
> One thing you should watch out for in such a setup and using Apache's basic
> authentication is that the user+password pair is passed unencrypted over
> the network. So typically, the users' real passwords should not be used,
> especially not over the Internet.
>
> There are two ways you can get around this security problem: use SSL
> (install Apache with Modssl) or use different passwords for the unsecure
> connections than you use for shell logins.

In this configuration, I believe, just the SSL option is possible, since
different passwords will not be supported by the password server, either NT
or YP. (He wants to use the same database, and the same group of users, which
already exists.)

-- Orna. | http://tx.technion.ac.il/~agmon
There are only 10 types of people in the world-
Those who understand binary, and those who do not.
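
The SSL option discussed in this thread, as an added example (not code from the thread or its participants): a small Python check that reads an Apache configuration and lists the sections that enable Basic authentication without forcing SSL. The sample configuration is constructed, and treating `SSLRequireSSL` or `SSLEngine on` in the section or an enclosing one as "SSL forced" is this example's simplifying assumption.

```python
import re
# Constructed sample configuration (not from the thread).
SAMPLE_CONF = """
<Directory "/var/www/staff">
    AuthType Basic
</Directory>
<Directory "/var/www/admin">
    SSLRequireSSL
    AuthType Basic
</Directory>
<VirtualHost _default_:443>
    SSLEngine on
    <Location "/reports">
        AuthType Basic
    </Location>
</VirtualHost>
"""

OPEN = re.compile(r"<\s*(\w+)\s*(.*?)\s*>$")
CLOSE = re.compile(r"</\s*\w+\s*>$")

def forced_ssl(sec):
    # Assumption: SSL is forced if this section or any enclosing one says so.
    while sec is not None and not sec["ssl"]:
        sec = sec["parent"]
    return sec is not None

def cleartext_basic_auth(conf):
    """List sections that enable Basic auth but can be reached without SSL."""
    root = {"name": "(server config)", "basic": False, "ssl": False, "parent": None}
    cur, sections = root, [root]
    for line in (raw.strip() for raw in conf.splitlines()):
        if not line or line.startswith("#"):
            continue
        opened = OPEN.match(line)
        if CLOSE.match(line):
            cur = cur["parent"] or root          # leave the current section
        elif opened:
            cur = {"name": "%s %s" % opened.groups(), "basic": False, "ssl": False, "parent": cur}
            sections.append(cur)
        else:
            words = line.lower().split()         # directive names are case-insensitive
            if words[:2] == ["authtype", "basic"]:
                cur["basic"] = True
            elif words[0] == "sslrequiressl" or words[:2] == ["sslengine", "on"]:
                cur["ssl"] = True
    return [s["name"] for s in sections if s["basic"] and not forced_ssl(s)]
```

The check does not follow `Include` files or `.htaccess`, and it does not account for `Satisfy any`, for which mod_ssl documents `SSLOptions +StrictRequire` as the way to keep `SSLRequireSSL` binding.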