From owner-freebsd-questions Thu Sep 7 12:13:49 2000 Delivered-To: freebsd-questions@freebsd.org Received: from eve.speakeasy.net (eve.speakeasy.net [216.254.0.17]) by hub.freebsd.org (Postfix) with ESMTP id 1DF5B37B423 for ; Thu, 7 Sep 2000 12:13:47 -0700 (PDT) Received: from paradive (dsl254-006-184-sea1.dsl-isp.net [216.254.6.184]) by eve.speakeasy.net (8.10.0/8.10.0) with SMTP id e87JC7x27234; Thu, 7 Sep 2000 12:12:07 -0700 Message-ID: <061f01c018ff$06fdd740$02fea8c0@localdomain> From: "paradive" To: "Raoul Schroeder" , "freebsd-questions" References: <39B7E4B5.4EFAB779@gmx.net> Subject: Re: PHP password authentication Date: Thu, 7 Sep 2000 12:08:37 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2615.200 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG ----- Original Message ----- From: Raoul Schroeder To: freebsd-questions Sent: Thursday, September 07, 2000 11:55 AM Subject: PHP password authentication > Hi, > > I set up apache to run with SSL and PHP. > I would like it to be possible for the intranet users to authenticate > themselves against the standard FreeBSD passwd file. > Two questions: > > a) is this a major security breach (I cannot imagine so, other than > being able to repeatedly try to authenticate, something which could be > controlled by using sessions, but then, i may be completely wrong) > > b) is this doable and how? personally, i'd recommend using htpasswd. paradive To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message