Re: Enhancement patch for basic auth module: yp_auth

From: Robert Collins <>
Date: Sun, 12 Oct 2003 12:43:34 +1000

On Sun, 2003-10-12 at 08:10, Henrik Nordstrom wrote:

> Hmm.. this is really best done using a external_acl helper like the other
> group lookups I think. Having a auth helper filter out what users are
> considered to exists in the user database is a bit strange to me..
> authorization is better done separate from authentication and allows for
> a cleaner migration to more detailed authorization levels when required.

There is one good condition: to prevent brute force attacks on guessable
backend users - like root.


GPG key available at: <>.

Received on Sat Oct 11 2003 - 20:43:36 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:20:44 MST