From: Ted Zlatanov <[EMAIL PROTECTED]>
Date: Fri, 02 Jun 2006 14:41:48 -0400
On 2 Jun 2006, [EMAIL PROTECTED] wrote:
> > The Unix login process can be subverted by sudo (not to mention that
> > $USER can be set to anything, as others pointed out). You should
> > always
On 2 Jun 2006, [EMAIL PROTECTED] wrote:
> The key is to let somebody else do as much of the authentication
> implementation as possible, as it's tricky and time-consuming to get
> right.
>
> > The Unix login process can be subverted by sudo (not to mention that
> > $USER can be set to anything,
From: Ted Zlatanov <[EMAIL PROTECTED]>
Date: Fri, 02 Jun 2006 10:22:25 -0400
On 1 Jun 2006, [EMAIL PROTECTED] wrote:
> Let me clarify a bit more what I need to do. We want to use $USER
> to verify a valid user before running the program, so this is very
> unlikely go on the
On 1 Jun 2006, [EMAIL PROTECTED] wrote:
> Let me clarify a bit more what I need to do. We want to use $USER
> to verify a valid user before running the program, so this is very
> unlikely go on the web or have a web interface.
You can tie web-based authentication to an external user database
hi
( 06.06.01 22:48 -0400 ) Chris Devers:
> Plan for growth. You'll be glad you did, someday.
or, it will just go on that huge pile of great code that never got
deployed.
--
\js oblique strategy: make a sudden, destructive unpredictable action;
incorporate
5 matches
Mail list logo
