-------- Original Message -------- Subject: Re: Net-NIS-0.34 // Apache-AuthenNIS-0.11 - possible bug. Date: Wed, 04 Feb 2004 14:21:22 -0700 From: Ed Santiago <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] CC: ShannonEricPeevey <[EMAIL PROTECTED]>, [EMAIL PROTECTED] References: <[EMAIL PROTECTED]>
>Content-type: text/html;
Hint: you may want to configure your mailreader to send plaintext email, or at least multipart/alternative with a plaintext part. My spam filters discard or flag all email sent as html-only. Many other people have spam filters set up the same way.
>One question: when you say I could have activated MD5 passwords,
>where do you mean? Apache?
This one is really unlikely. The only way I can think of this happening is if someone set the password manually using passwd(1) on a Linux system, on a local account, then cut&pasted the hash from /etc/shadow. Or some variation thereof.
If the hashed passwd string looks like '$1$xxx...$yyy...', where 'xxx...' is 8 chars and 'yyy...' 22, and '$' and '1' are literal dollar sign and numeral one respectively, it's an MD5 password and crypt() won't help.
Again, the probability of this happening is close to zero. I only mentioned it because it's often easier to write a list of (even absurd) possibilities than to spend a few hours back-and-forth over email...
Again, good luck, ^E -- Ed Santiago Toolsmith [EMAIL PROTECTED]
-- Reporting bugs: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html List etiquette: http://perl.apache.org/maillist/email-etiquette.html
