[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Apache PAM Auth module

Quoting Heiko Hund <heiko ist eigentlich net>:


On Monday 31 March 2008 20:42:05 Kenneth Geisshirt wrote:
The reason for my interest is that I (and a group of friends) have a
subversion repositories with HTTP access. It seems like a good idea to
use PAM as part of the .htaccess file.

have you considered using mod_auth(nz)_external or mod_auth(n)_sasl for this
task? The main concern I had using mod_auth_pam in httpd was that it does not
work with shadow passwords unless you grant httpd access to /etc/shadow. I
think that's a bad idea.

You have a point in respect to the shadow issue. Typically, I only add the apache user to the shadow group and the httpd process does not run under this group. Moreover, for an internal web server/subversion repository this might not be so big a problem.

But I'll take a look at mod_auth(nz)_* modules - it seems to be worth it.


This message was sent using IMP, the Internet Messaging Program.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]