Hi, my (test) system (Debian) is using shadow passwords and /etc/shadow belongs to a group called "shadow". I have installed mod_auth_pam but authentication fails because Apache 2.x is not able to read that file. Therefore I started my Apache using the "shadow" group, but this is not very good because of security reasons (a simple perl script could list my /etc/shadow in cleartext!). Is there any other way of enabling mod_auth_pam without using the local group "shadow" or creating a new group which is only able to read /etc/shadow (which will cause the same problems than using the "real" shadow group)? Bye and thanks, Werner. _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
