RepoView: "Fedora EPEL 4

Jump to letter: [ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ]

mod_auth_shadow - An Apache module for authentication using /etc/shadow

Website:	http://mod-auth-shadow.sourceforge.net
License:	GPLv2+
Vendor:	Fedora Project

Description:

When performing this task one encounters one fundamental
difficulty: The /etc/shadow file is supposed to be
read/writeable only by root.  However, the webserver is
supposed to run under a non-root user, such as "nobody".

mod_auth_shadow addresses this difficulty by opening a pipe
to an suid root program, validate, which does the actual
validation.  When there is a failure, validate writes an
error message to the system log, and waits three seconds
before exiting.

Packages

mod_auth_shadow-2.2-4.el4.i386 [18 KiB]

Changelog by Jaroslav Reznik (2010-04-09):

- CVE-2010-1151: bad wait(2) call causes randomized authorization (#578168)
- fix license tag

Listing created by Repoview-0.6.6-1.el6