CGI/1.0: last call

ts (decoux@moulon.inra.fr)
Mon, 6 Dec 93 07:28:30 +0100


> I don't know if I agree with Ari's security objection, but making the
> unencrypted passwords places a large amount of trust between script writers
> and system administrators (not necessarily in your case, but in general when
> scripts are commonly available software). This is really the only reason I
> can see for not making the password available to the script. Have I missed
> something?
>
> I would ask that you reconsider how you are planning to do this, perhaps you
> should maintain your own simple password file and grab the user's Oracle
> password from this file. This way, people do not have their Oracle passwords
> sent across the net, only their HTTP passwords, and in the future, only an
> encrypted request. The drawback is that you have to maintain two password
> files.

I don't want the unencrypted password, I can write C (or perl) code to
decrypt an encrypted request.

My problem is to retrieve a password with only an username. I can maintain
two password files but I don't want to have on my server a file where
passwords are stored in plaintext.

I'm paranoid ... Example, my file "/etc/passwd" is like this (C2) :

root:##root:0:1:Operator:/:/bin/csh
nobody:##nobody:65534:65534::/:
daemon:##daemon:1:1::/:
sys:##sys:2:2::/:/bin/csh
bin:##bin:3:3::/bin:
audit:##audit:9:9::/etc/security/audit:/bin/csh
AUpwdauthd:##AUpwdauthd:10:10:AUpwdauthd pseudo user::/bin/false
AUyppasswdd:##AUyppasswdd:11:10:AUyppasswdd pseudo user::/bin/false

....

> If this is completely unacceptable, or I have missed something, please let
> me know. I'll consider making the Authorization: line available to the
> script, but I am objected to it.

I'll try another solution ...

Thanks,

Guy Decoux