0
I Use This!
Activity Not Available
Analyzed 10 months ago. based on code collected 10 months ago.

Project Summary

pwauthAuthor and maintainer: Jan Wolter (email)

Pwauth is an authenticator designed to be used with mod_auth_external or mod_authnz_external and the Apache HTTP daemon to support reasonably secure web authentication out of the system password database on most versions of Unix.

What pwauth actually does is very simple: given a login and a password, it returns a status code indicating whether it is a valid login/password or not. It is normally installed as an suid-root program, so other programs (like Apache or a CGI program) can run it to check if a login/password is valid even though they don't themselves have read access to the system password database.

Though originally designed for web authentication, it can be used for other authentication applications, such as with the exim mail server.

People considering use of pwauth should be aware that there are innate security risks when you allow system passwords to be used on the web. Please be sure to read the wiki page on security risks.

Tags

password web pam authentication linux unix

In a Nutshell, pwauth...

This Project has No vulnerabilities Reported Against it

Did You Know...

  • ...
    Black Duck offers a free trial so you can discover if there are open source vulnerabilities in your code
  • ...
    anyone with an Open Hub account can update a project's tags
  • ...
    nearly 1 in 3 companies have no process for identifying, tracking, or remediating known open source vulnerabilities
  • ...
    by exploring contributors within projects, you can view details on every commit they have made to that project

Languages

Languages?height=75&width=75
C
94%
2 Other
6%

30 Day Summary

Apr 10 2016 — May 10 2016

12 Month Summary

May 10 2015 — May 10 2016

Ratings

Be the first to rate this project
Click to add your rating
   Spinner
Review this Project!