CGI/1.0: last call

decoux@moulon.inra.fr (ts)
Date: Mon, 6 Dec 93 07:28:30 +0100
From: decoux@moulon.inra.fr (ts)
Message-id: <9312060628.AA16696@moulon.moulon.inra.fr>
To: robm@ncsa.uiuc.edu
Cc: luotonen@ptsun00.cern.ch, www-talk@nxoc01.cern.ch
In-reply-to: Rob McCool's message of Sun, 5 Dec 1993 17:08:05 -0600 <9312052308.AA17863@void.ncsa.uiuc.edu>
Subject: CGI/1.0: last call

> I don't know if I agree with Ari's security objection, but making the
> unencrypted passwords places a large amount of trust between script writers
> and system administrators (not necessarily in your case, but in general when
> scripts are commonly available software). This is really the only reason I
> can see for not making the password available to the script. Have I missed
> something?
>
> I would ask that you reconsider how you are planning to do this, perhaps you
> should maintain your own simple password file and grab the user's Oracle
> password from this file. This way, people do not have their Oracle passwords
> sent across the net, only their HTTP passwords, and in the future, only an
> encrypted request. The drawback is that you have to maintain two password
> files.

 I don't want the unencrypted password, I can write C (or perl) code to
decrypt an encrypted request. 

 My problem is to retrieve a password with only an username. I can maintain
two password files but I don't want to have on my server a file where
passwords are stored in plaintext.

 I'm paranoid ... Example, my file "/etc/passwd" is like this (C2) :

   root:##root:0:1:Operator:/:/bin/csh
   nobody:##nobody:65534:65534::/:
   daemon:##daemon:1:1::/:
   sys:##sys:2:2::/:/bin/csh
   bin:##bin:3:3::/bin:
   audit:##audit:9:9::/etc/security/audit:/bin/csh
   AUpwdauthd:##AUpwdauthd:10:10:AUpwdauthd pseudo user::/bin/false
   AUyppasswdd:##AUyppasswdd:11:10:AUyppasswdd pseudo user::/bin/false

    ....

> If this is completely unacceptable, or I have missed something, please let
> me know. I'll consider making the Authorization: line available to the
> script, but I am objected to it.

 I'll try another solution ...

 Thanks,

Guy Decoux