[Bug 234445] New: Review Request: mod_auth_shadow - An Apache module for authentication using /etc/shadow

[bugzilla at redhat.com]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.




https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=234445

           Summary: Review Request: mod_auth_shadow - An Apache module for
                    authentication using /etc/shadow
           Product: Fedora Extras
           Version: devel
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: medium
          Priority: normal
         Component: Package Review
        AssignedTo: nobody at fedoraproject.org
        ReportedBy: fedora-packaging at dw-perspective.org.uk
         QAContact: fedora-package-review at redhat.com


Spec URL: http://david.dw-perspective.org.uk/tmp/mod_auth_shadow.spec
SRPM URL: http://david.dw-perspective.org.uk/tmp/mod_auth_shadow-2.1-1.src.rpm
Description: 

When performing this task one encounters one fundamental
difficulty: The /etc/shadow file is supposed to be
read/writeable only by root.  However, the webserver is
supposed to run under a non-root user, such as "nobody".

mod_auth_shadow addresses this difficulty by opening a pipe
to an suid root program, validate, which does the actual
validation.  When there is a failure, validate writes an
error message to the system log, and waits three seconds
before exiting.

-- 
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.