* Kris Verbeeck wrote:
> * htpasswd blindly processes the file you give it, and does no
> sanity checking before totally corrupting whatever file it was
> you thought you had. It should check the input file and bail
> if it finds non-comment lines that do not contain exactly 1
> ':' character.
> Message-ID: <[EMAIL PROTECTED]>
Sorry, if I'm too late, but this is a bad criterion, since the parser of
mod_auth/mod_authn_file uses the second colon as a delimiter and many
people put comments after it.
The second colon is also /neccessary/ if you want plain text passwords
(e.g. under win32) that end with spaces...
[Yes, I've seen this already]
nd
--
Treat your password like your toothbrush. Don't let anybody else
use it, and get a new one every six months. -- Clifford Stoll
(found in ssl_engine_pphrase.c)
