Letter M

mod_auth_shadow - An Apache module for authentication using /etc/shadow

Website: http://mod-auth-shadow.sourceforge.net
License: GPLv2+
Vendor: Fedora Project
Description:
When performing this task one encounters one fundamental
difficulty: The /etc/shadow file is supposed to be
read/writeable only by root.  However, the webserver is
supposed to run under a non-root user, such as "nobody".

mod_auth_shadow addresses this difficulty by opening a pipe
to an suid root program, validate, which does the actual
validation.  When there is a failure, validate writes an
error message to the system log, and waits three seconds
before exiting.

Packages

mod_auth_shadow-2.2-4.el4.x86_64 [19 KiB] Changelog by Jaroslav Reznik (2010-04-09):
- CVE-2010-1151: bad wait(2) call causes randomized authorization (#578168)
- fix license tag
mod_auth_shadow-2.2-4.el4.i386 [18 KiB] Changelog by Jaroslav Reznik (2010-04-09):
- CVE-2010-1151: bad wait(2) call causes randomized authorization (#578168)
- fix license tag

Listing created by Repoview-0.6.6-1.el6