|Just another Perl shrine
Unix Password for validationby sara2005 (Scribe)
|on Nov 17, 2005 at 16:44 UTC
sara2005 has asked for the wisdom of the Perl Monks concerning the following question:
I have set-up a web page (intranet) which validates the user's unix password for authentication. All I do is get the userid /password and try to ftp to the unix server using Net::FTP. I allow or deny further access based on the return value. To further tighten up, I am planning to have an authorized users list, which the program will first check before trying the ftp.
I am just curious to know if there are any security issues with this because the important CTQ is to use the Unix ID for validation?
Would appreciate your thoughts on this.