Date: Mon, 6 Dec 93 07:28:30 +0100 From: decoux@moulon.inra.fr (ts) Message-id: <9312060628.AA16696@moulon.moulon.inra.fr> To: robm@ncsa.uiuc.edu Cc: luotonen@ptsun00.cern.ch, www-talk@nxoc01.cern.ch In-reply-to: Rob McCool's message of Sun, 5 Dec 1993 17:08:05 -0600 <9312052308.AA17863@void.ncsa.uiuc.edu> Subject: CGI/1.0: last call
> I don't know if I agree with Ari's security objection, but making the
> unencrypted passwords places a large amount of trust between script writers
> and system administrators (not necessarily in your case, but in general when
> scripts are commonly available software). This is really the only reason I
> can see for not making the password available to the script. Have I missed
> something?
>
> I would ask that you reconsider how you are planning to do this, perhaps you
> should maintain your own simple password file and grab the user's Oracle
> password from this file. This way, people do not have their Oracle passwords
> sent across the net, only their HTTP passwords, and in the future, only an
> encrypted request. The drawback is that you have to maintain two password
> files.
I don't want the unencrypted password, I can write C (or perl) code to
decrypt an encrypted request.
My problem is to retrieve a password with only an username. I can maintain
two password files but I don't want to have on my server a file where
passwords are stored in plaintext.
I'm paranoid ... Example, my file "/etc/passwd" is like this (C2) :
root:##root:0:1:Operator:/:/bin/csh
nobody:##nobody:65534:65534::/:
daemon:##daemon:1:1::/:
sys:##sys:2:2::/:/bin/csh
bin:##bin:3:3::/bin:
audit:##audit:9:9::/etc/security/audit:/bin/csh
AUpwdauthd:##AUpwdauthd:10:10:AUpwdauthd pseudo user::/bin/false
AUyppasswdd:##AUyppasswdd:11:10:AUyppasswdd pseudo user::/bin/false
....
> If this is completely unacceptable, or I have missed something, please let
> me know. I'll consider making the Authorization: line available to the
> script, but I am objected to it.
I'll try another solution ...
Thanks,
Guy Decoux