> information to root only. If you have a shadow passwd system, then you
> either have to run the authenticator as root (preferably using
> getspnam() or PAM to read the shadow file), or you have to export the
>
in which case you also need to introduce deliberate
processing delays, which may well break Squid, to
prevent it being used as a fast way of trying out
passwords (real time delays are not enough,
as the attacker could start multiple threads).
> shadowed password information to a file readable by Squid.
>
In which case you have completely defeated the purpose
of the shadow passwords.
Received on Tue May 25 1999 - 12:24:41 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:46:25 MST