[fpc-pascal]Login CGI

LUKACS-SINGER Peter lsp at impulzus.sch.bme.hu
Tue Oct 16 15:30:01 CEST 2001


On Tue, 16 Oct 2001, Cyril Lamy wrote:

> When you validate the form, the cgi create a file containing the username
> and the plain password. (not
> very sure, of course but more secure than running cgi as root).

If you do this, you might want to have your CGI script encode the
password given so no plain passwords will be stored. When the ten-minutely
script runs, it will place the appropiate line containing the username and
the already encoded password into the shadow password file (be aware to
use some kind of locking mechanism while editing the shadow file)

ave
lsp





More information about the fpc-pascal mailing list