Project

General

Profile

Feature #1692

Add support for /etc/passwd in auth

Added by trajano over 11 years ago. Updated about 3 years ago.

Status:
Wontfix
Priority:
Normal
Assignee:
-
Category:
mod_auth
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Missing in 1.5.x:

Description

Add an auth backend that uses the system authentication (e.g. /etc/passwd).

History

#1

Updated by gstrauss about 3 years ago

  • Description updated (diff)
  • Category changed from core to mod_auth
  • Status changed from New to Wontfix
  • Assignee deleted (jan)

This sounds like a very bad idea since it might be the same credentials needed to log into the system with a shell, if, say, ssh is externally available. Even without that, extensive logic would be needed to attempt to curtail and slow down brute force attacks. Also, this would likely require elevated privileges (root), or, better, a separate (privileged) agent, and logic would need to be added keep lighttpd non-blocking while waiting for a response. (Such is true for other database-backed auth mechanisms, too)

Future work in lighttpd 1.4.x might make it easier to write custom auth backends, but I do not see lighttpd providing a backend for /etc/passwd, though there is the possibility of a PAM-based auth.

Also available in: Atom