http://qs1969.pair.com?node_id=509463

sara2005 has asked for the wisdom of the Perl Monks concerning the following question:

Hello Monks,

I have set-up a web page (intranet) which validates the user's unix password for authentication. All I do is get the userid /password and try to ftp to the unix server using Net::FTP. I allow or deny further access based on the return value. To further tighten up, I am planning to have an authorized users list, which the program will first check before trying the ftp.

I am just curious to know if there are any security issues with this because the important CTQ is to use the Unix ID for validation?

Would appreciate your thoughts on this.