> I do want to warn you though, this type of configuration is not "secure"
> at all.
>
> ps aux | grep cherokee-admin

Good point.
I hadn't thought about the "ps aux" command and its gossip behaviour ;)

> ...what you could do, is prompt for a password in that function, and read
> it from the commandline.
So I think this would be a good option (where -P prompts for a password):
echo "mypassword" | ./cherokee-admin-launcher -P
Another option is to use some PAM authentication (or even use the passwd
file) at the HTTP request for authentication, but this would be a little more
complicated and, for now, I haven't mastered the Cherokee code.
To do the first idea (the -P one) I believe this should be done:
* we only need to change the
https://github.com/cherokee/webserver/blob/master/cherokee/main_admin.c file
* add a help string at "print_help()" function
* at "process_parameters()": add the "P" option. In the "P" case, set "unsecure" to
"1" and "password" to the inputted one (both are globals).
Is that right?
Some questions:
1) If "unsecure" is set to 1, then the code won't rewrite the password, but
at line 285 it also won't use the user-defined password. So I guess that I
have to change this too. Is that right?
2) If I launch cherokee-admin with the unsecure option on the command line
(with the -u option), can I then define the user and password by adding these
lines to the config file (cherokee.conf)?
1!auth = authlist
1!auth!methods = digest
1!auth!realm = Cherokee-admin
1!auth!list!1!user = myuser
1!auth!list!1!password = mypassword
3) Where is the "cherokee_buffer_t" structure defined? To set a password, do I
need to use cherokee_buffer_add_char() and write char by char, or is there
some other option to do this?
PS: my English is awful, so if someone doesn't understand something that I
wrote, please tell me so I can reformulate the question ;)
Thanks,
--
Daniel Loureiro
------------------------------
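The -P idea from the message above (take the password from standard input so it never appears in the argument list that "ps aux" shows), sketched as an added example that is not code from Cherokee's main_admin.c or from this thread. read_password, demo and PW_MAX are hypothetical names, and a plain char array stands in for cherokee_buffer_t.

```c
#include <stdio.h>
#include <string.h>

#define PW_MAX 128 /* assumed limit for this sketch, not a Cherokee constant */

/* Read one line from `in` as the password. Returns its length, or -1 on EOF,
 * an empty password, or a line too long for `out` (never truncates). */
static int read_password(FILE *in, char *out, size_t cap)
{
    if (cap < 2 || fgets(out, (int)cap, in) == NULL)
        return -1;
    size_t len = strlen(out);
    if (len > 0 && out[len - 1] == '\n') {
        out[--len] = '\0';
        if (len > 0 && out[len - 1] == '\r')   /* tolerate CRLF input */
            out[--len] = '\0';
    } else {
        int c = fgetc(in);                     /* buffer full or EOF reached */
        if (c != EOF && c != '\n')
            return -1;                         /* more data: line did not fit */
    }
    return len == 0 ? -1 : (int)len;
}

/* Feed constructed input through a temp file standing in for stdin; returns
 * the length read if the result equals `expected`, else a negative value. */
static int demo(const char *input, size_t cap, const char *expected)
{
    char pw[PW_MAX];
    FILE *f = (cap <= sizeof pw) ? tmpfile() : NULL;
    if (f == NULL)
        return -2;
    fputs(input, f);
    rewind(f);
    int n = read_password(f, pw, cap);
    fclose(f);
    return n < 0 ? -1 : (strcmp(pw, expected) == 0 ? n : -3);
}

int main(int argc, char **argv)
{
    /* Hypothetical -P handling: the secret arrives on stdin, so it is never
     * part of argv, which is what "ps aux" displays. */
    char pw[PW_MAX];
    if (argc > 1 && strcmp(argv[1], "-P") == 0) {
        int n = read_password(stdin, pw, sizeof pw);
        if (n < 0)
            return 1;
        printf("read a %d-character password\n", n);
    }
    return 0;
}
```

Redirecting stdin from a file readable only by its owner also keeps the password out of shell history.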