On Wed, 1 Dec 2004 13:17:57 -0500, daggerquill <[EMAIL PROTECTED]> wrote:
> On Wed, 1 Dec 2004 09:59:16 +0900, Thilo Planz <[EMAIL PROTECTED]> wrote:
>
>
> > > Hi list,
> >
> > Hi Webit,
> >
> >
> > > I have a perl script that authenticates users login
> > > info(username/password)
> > > users choose their own username password
> > > The script runs fine but can't write to the .htpasswd file
> >
> > Sounds like a problem of permissions.
> > The web server is running with very limited permissions, and can
> > probably not write this file.
> >
> > You could "chown" the file appropriately (give to to the web server
> > user account, which by default is called "www" ).
> >
> > chown www .htpasswd
> >
> > Cheers,
> >
> > Thilo
> >
> >
>
> This isn't really the place for an extended discussion of what's going
> on here, since the issues are local to neither OS X or perl,
> but...think long and hard before you change the permissions on
> .htpasswd (and .htaccess). There is a reason cgi programs can't write
> to them (and actually, many cgis test them and exit with an error if
> the find they are writable by www or nobody). If you're set on this,
> make sure you are very careful about using the -T switch and then
> validating the user input before you write it to the password file,
> and in the long run it would probably be worth it to look into the
> various mod_auth modules that let you store user-defined passwords in
> a variety of databases.
>
> Just my $.02,
>
> --jay savage
>
