Re: Configuration recommendations in a heterogenous Linux environment?

From: Les Mikesell <lesmikesell_at_gmail.com>
Date: 2006-07-04 18:00:12 CEST

On Tue, 2006-07-04 at 02:19, Nico Kadel-Garcia wrote:
> >
> > but: if you don't trust your OS (after you configured it correctly and
> > securely), the OP is right, you should not be using it...
>
> Erik, I was talking about the server side. It's a ghods-awful approach to
> keep software passwords floating around in plain text, for any system. The
> server administrator *should not* in general know user's passwords.

Can't you use any of the many mod_auth_xxx methods with apache
(LDAP, pam, etc.), many of which use encrypted and/or remote
passwords? The usual issue with http is that basic authentication
is passed in the clear, but with https the whole stream is
encrypted.

-- 
  Les Mikesell
   lesmikesell@gmail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Received on Tue Jul 4 17:59:29 2006

This message: [ Message body ]
Next message: Erik Huelsmann: "Re: Configuration recommendations in a heterogenous Linux environment?"
Previous message: Marc Haisenko: "Re: Howto make svn _follow_ symbolic links?"
In reply to: Nico Kadel-Garcia: "Re: Configuration recommendations in a heterogenous Linux environment?"
Next in thread: Nico Kadel-Garcia: "Re: Configuration recommendations in a heterogenous Linuxenvironment?"
Reply: Nico Kadel-Garcia: "Re: Configuration recommendations in a heterogenous Linuxenvironment?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]