https://bz.apache.org/bugzilla/show_bug.cgi?id=61631
Bug ID: 61631 Summary: htpasswd -v option should require read and not read-write for password file Product: Apache httpd-2 Version: 2.4.7 Hardware: PC OS: Linux Status: NEW Severity: minor Priority: P2 Component: support Assignee: bugs@httpd.apache.org Reporter: aikido...@gmail.com Target Milestone: --- Steps to reproduce on Ubuntu (where the bug was observed): 1) htpasswd –c htpasswd.site User.Name 2) chmod 444 htpasswd.site 3) htpasswd -v htpasswd.site User.Name htpasswd: cannot open file htpasswd.site for read/write access The htpasswd application fails to verify the password and seems to require the htpasswd.site file to be readable and writable. It was expected that the htpasswd program only needs to be able to read the file's contents and does not need write permission in order to verify if a provided password is valid or not. The following command does not provide version information for the installed program: htpasswd --version "man htpasswd" provides the Apache HTTP Server date as 2013-07-06 "apt-cache policy apache2" provides the installed version as 2.4.7-1ubuntu4.18.0 "apache2 -v" provides server version is Apache/2.4.7 (Ubuntu) and built Sep 18 2017 16:37:54 It is unknown if the issue occurs on other platforms. Possibly related to Bug 45923 – htpasswd tries to open(file, O_RDONLY | O_APPEND) -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org