On Fri, 7 Sep 2001, Rodent of Unusual Size wrote:
> * On 2001-08-10 at 19:43,
> Rodent of Unusual Size <[EMAIL PROTECTED]> excited the electrons to say:
> >
> > In response to a private query, I worked up a little patch
> > to add an enhancement to mod_auth: in addition to 'require valid-user'
> > and 'require user xxx yyy zzz' the enhanced version recognises
> > 'require owner'. The idea is that access is granted if the
> > user is authenticated AND matches the username of the owner of
> > the file.
>
> Okey, here is the first part of the patch. I am submitting it
> to the list rather than just committing it because I am not
> sure about the use of non-threadsafe getpwuid() and getgrgid().
> However, since we use those elsewhere, if no-one has any comments
> within a couple of days I will go ahead and commit it.
>
> Note that this first pass is for *1.3* rather than 2.0, because
> the person who asked for it is using 1.3. I will bring it
> forward to 2.0 after it is committed to 1.3.
>
> I actually took it a step further than stated in the quotation
> above; the new keywords for Require are 'file-owner' and 'file-group';
> if there is an AuthGroupFile, and the file's group is listed in it,
> and the authenticated user is in that group, 'file-group' will
> grant access.
>
FWIW:
i still say 'Require valid-user' should be handled by the core.... i've
said this before, but its kinda kludgy the way it is. e.g: if you are
using mod_auth_db and have a 'Require valid-user' it only works if
mod_auth is enabled......
sure, mod_auth is enabled by default, but.......
sterling
