[courier-users] Re: [PATCH] WEBADMIN PASSWORD (DOH!) - Papo Napolitano - net.sourceforge.lists.courier-users

1 message in net.sourceforge.lists.courier-users[courier-users] Re: [PATCH] WEBADMIN ...

From	Sent On	Attachments
Papo Napolitano	Jan 23, 2002 10:37 am	.Other

	Permalink for this message Paste this link in email or IM:
	Permalink for this thread Paste this link in email or IM:
	Atom feed for this thread Paste this URL into your reader:

Subject:	[courier-users] Re: [PATCH] WEBADMIN PASSWORD (DOH!)	Actions...
From:	Papo Napolitano (pa...@dosalcubo.com)
Date:	Jan 23, 2002 10:37:57 am
List:	net.sourceforge.lists.courier-users
Attachments:	courier-0.37.2-patch - 2k

Wooops, forgot to attach the patch... Sorry

Hi Sam,

As I don't trust plaintext passwords in files (no matter the permissions) I used perl's crypt function to encrypt the webadmin password with a random salt. I modified both webadmin.pl (for the password checking), and Makefile (for the make install-webadmin-password). I also changed the login form method from get to post, because I hated to see the "Opening https://server/cgi-bin/webadmin.pl?loginpass=whatever&do.login=1" in my Exploder's status bar (for like half a second).

Please consider this changes... Later.-

PS: Oh BTW, this piece of code:

if ($adminpw eq $password) { ; } else {

could be more readable as:

unless ($adminpw eq $password) {

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets
	Permalink to these results Paste this link in email or IM:
	Atom feed for tracking future search results Paste this URL into your reader: