[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Patch: Fix user authentication + MKDB
From: |
Pankaj K Garg |
Subject: |
RE: Patch: Fix user authentication + MKDB |
Date: |
Wed, 25 Sep 2002 08:55:35 -0700 |
> > ...
> > plain text for passwords with a $0$ prefix,
> > MD5 format for passwords with a $1$ prefix, and
> > DES format for passwords without a prefix.
>
> IMHO this is better than default=plaintext-passwords.
Yes. I'll fix this in the patch tomorrow.
> > ...
> ... why not give them empty passwords ? As in:
>
> foo:$0$test:edit:
> *::view:
>
> Then the behavior IMHO should be:
> - user foo gives correct password --> 'edit' access
> - user foo gives wrong password --> no access
> - user foo gives no/empty password --> 'view' access
> - user bar gives any password --> no access
> - user bar gives no/empty password --> 'view' access
>
> Would that be possible ?
I see your point: If the user mis-types his password, and we
silently give them read access, they don't know what happened.
I'm in favor of your solution--should be possible to implement.
Regards
Pankaj
- Patch: Fix user authentication + MKDB, Pankaj K Garg, 2002/09/23
- Re: Patch: Fix user authentication + MKDB, Lars Henriksen, 2002/09/25
- Re: Patch: Fix user authentication + MKDB, Dirk Schenkewitz, 2002/09/25
- RE: Patch: Fix user authentication + MKDB,
Pankaj K Garg <=
- RE: Patch: Fix user authentication + MKDB, Pankaj K Garg, 2002/09/26
- RE: Patch: Fix user authentication + MKDB, Yngve Svendsen, 2002/09/27
- Re: Patch: Fix user authentication + MKDB, Lars Henriksen, 2002/09/27
- RE: Patch: Fix user authentication + MKDB, Pankaj K Garg, 2002/09/27
- Re: Patch: Fix user authentication + MKDB, Lars Henriksen, 2002/09/27
- RE: Patch: Fix user authentication + MKDB, Pankaj K Garg, 2002/09/27
- Re: Patch: Fix user authentication + MKDB, Lars Henriksen, 2002/09/29
- RE: Patch: Fix user authentication + MKDB, Pankaj K Garg, 2002/09/29
RE: Patch: Fix user authentication + MKDB, Pankaj K Garg, 2002/09/25