htadmprogram which is a part ot W3C httpd distribution.
Incorrectto standard output. Also indicates password correctness by a zero return value.
usernameis missing in either of the previous cases they are prompted interactively.
passwordfilemust be always specified. Missing real name is also prompted when adding a new user.
htadmto add new users to the actual Unix password file
/etc/passwd,entries written by
htadmare missing some necessary fields to Unix.
Passwords should not be longer
than 8 characters (this is a restriction from linemode clients using C
getpass() to read the password -- there
is no other cause for this restriction; the maximum hardcoded password
size is actually much larger, and if you only use GUI or other clients
that are able to read this long passwords, feel free to use them).
destroys the password from command line as soon as possible so that it
is very unlikely to see somebody's password by looking at the process
listing on the machine (with
ps, for example).