[Hcoop-discuss] Web passwords
Davor Ocelic
docelic at hcoop.net
Mon Oct 17 17:21:26 EDT 2005
On Mon, Oct 17, 2005 at 09:21:23AM -0700, Adam Chlipala wrote:
> The documentation for this module backs up the assertion that www-data
> would need to be given read access to /etc/shadow. My understanding is
> that there is no "PAM daemon" that the module consults for
> authentication; rather, it follows PAM configuration itself, which is
> why it would need those permissions.
>
> Based on what I've learned so far, I'm thinking that we should stick
> with separate web passwords. I'm still open to suggestions, though.
I like separate passwords too. Ssh is one thing, you usually do it from
trusted machines, while you are easily tempted to "log in" into portal
from a random location.
So separate passwords are great.
I originally intended to include a discussion about the said module
and possiblities that we use it, but let's leave it at that for now.
Enjoy,
-doc
More information about the HCoop-Discuss
mailing list