https://www.webmaster-forums.net/crss/node/1017421 en https://www.webmaster-forums.net/server-side-scripting/perl-script-php-root#comment-1102131 <p>You can't dump the contents of /etc/shaddow into a SQL database every x amount of minutes? This would probably be more secure? </p> <p>Saying that, how many users have you got? If it's less than 100 users, then using a flat file system will actually be faster (under similar benchmark tests) than a SQL database.</p> Mon, 18 Feb 2002 17:10:10 +0000 Wil comment 1102131 at https://www.webmaster-forums.net https://www.webmaster-forums.net/server-side-scripting/perl-script-php-root#comment-1102122 <p>thanks wil.</p> <p>i found a [url=http://www.math.ohio-state.edu/~ccunning/pam_auth.html]PHP pam module[/php] that looks like it would do what i need to do, but this isn't important enough to justify rebuilding php.</p> <p>my rather unelegant solution is much like you suggested. i have a perlscript run by crontab that copies the info i need out of /etc/shadow and writes it to a file readable only by httpd every 15 minutes. not the most secure solution, but i do strip the root password out and it accomplishes what i need to do (validate users through php)</p> Mon, 18 Feb 2002 16:13:23 +0000 ROB comment 1102122 at https://www.webmaster-forums.net https://www.webmaster-forums.net/server-side-scripting/perl-script-php-root#comment-1102119 <p>There only way you could do this would be to reconfigure your web server to run as user 'root'. And any web server developer that allows you to do this should be shot. It's the most stupid thing anyone could ever do.</p> <p>I'm so glad that your server is set up properly to not allow you to do this. </p> <p>If this is an absolute must, why don't you make a copy of /etc/shadow and put it somewhere else - and strip the passwords out at the same time!!!</p> Mon, 18 Feb 2002 15:57:46 +0000 Wil comment 1102119 at https://www.webmaster-forums.net